cve_check: handle CVE_STATUS being set to the empty string

Handle CVE_STATUS[...] being set to an empty string just as if it was not set at all. This is needed for evaluated CVE_STATUS values to work, i.e. when setting not-applicable-config if a PACKAGECONFIG is disabled. (From OE-Core rev: 2c9f20f746251505d9d09262600199ffa87731a2) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@arm.com> 2024-01-22 14:04:02 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-01-23 11:53:41 +0000
commit: ab375ea3fe58ec4655302b25b7bd6013b2a791de (patch)
tree: 7adc9fd76b244d596e6e473a33c4dcaa205c0579
parent: 4a6d2cfb8aef84170eda5977fcb6233d25f42b42 (diff)
download: poky-ab375ea3fe58ec4655302b25b7bd6013b2a791de.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index 3fa77bf9a7..b5fc5364dc 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -231,7 +231,7 @@ def decode_cve_status(d, cve):
    Convert CVE_STATUS into status, detail and description.
    """
    status = d.getVarFlag("CVE_STATUS", cve)
-    if status is None:
+    if not status:
        return ("", "", "")
    status_split = status.split(':', 1)
@@ -240,7 +240,7 @@ def decode_cve_status(d, cve):
    status_mapping = d.getVarFlag("CVE_CHECK_STATUSMAP", detail)
    if status_mapping is None:
-        bb.warn('Invalid detail %s for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))
+        bb.warn('Invalid detail "%s" for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))
        status_mapping = "Unpatched"
    return (status_mapping, detail, description)
author	Ross Burton <ross.burton@arm.com>	2024-01-22 14:04:02 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-01-23 11:53:41 +0000
commit	ab375ea3fe58ec4655302b25b7bd6013b2a791de (patch)
tree	7adc9fd76b244d596e6e473a33c4dcaa205c0579
parent	4a6d2cfb8aef84170eda5977fcb6233d25f42b42 (diff)
download	poky-ab375ea3fe58ec4655302b25b7bd6013b2a791de.tar.gz

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py index 3fa77bf9a7..b5fc5364dc 100644 --- a/meta/lib/oe/cve_check.py +++ b/meta/lib/oe/cve_check.py
@@ -231,7 +231,7 @@ def decode_cve_status(d, cve):
231	Convert CVE_STATUS into status, detail and description.	231	Convert CVE_STATUS into status, detail and description.
232	"""	232	"""
233	status = d.getVarFlag("CVE_STATUS", cve)	233	status = d.getVarFlag("CVE_STATUS", cve)
234	if status is None:	234	if not status:
235	return ("", "", "")	235	return ("", "", "")
236		236
237	status_split = status.split(':', 1)	237	status_split = status.split(':', 1)
@@ -240,7 +240,7 @@ def decode_cve_status(d, cve):
240		240
241	status_mapping = d.getVarFlag("CVE_CHECK_STATUSMAP", detail)	241	status_mapping = d.getVarFlag("CVE_CHECK_STATUSMAP", detail)
242	if status_mapping is None:	242	if status_mapping is None:
243	bb.warn('Invalid detail %s for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))	243	bb.warn('Invalid detail "%s" for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))
244	status_mapping = "Unpatched"	244	status_mapping = "Unpatched"
245		245
246	return (status_mapping, detail, description)	246	return (status_mapping, detail, description)