From 440f07d211841147f2d2b6016a20b75747f45752 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Wed, 23 Feb 2022 12:54:31 +0000 Subject: cve-check: get_cve_info should open the database read-only All of the function in cve-check should open the database read-only, as the only writer is the fetch task in cve-update-db. However, get_cve_info() was failing to do this, which might be causing locking issues with sqlite. (From OE-Core rev: 8de517238f1f418d9af1ce312d99de04ce2e26fc) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie --- meta/classes/cve-check.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'meta') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 2d69aeba4b..d715fbf4d8 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -265,7 +265,8 @@ def get_cve_info(d, cves): import sqlite3 cve_data = {} - conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE")) + db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") + conn = sqlite3.connect(db_file, uri=True) for cve in cves: for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)): -- cgit v1.2.3-54-g00ecf