cve-check: get_cve_info should open the database read-only

All of the function in cve-check should open the database read-only, as the only writer is the fetch task in cve-update-db. However, get_cve_info() was failing to do this, which might be causing locking issues with sqlite. (From OE-Core rev: 3c79237085169b96cc56910b08263437cad09e4d) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8de517238f1f418d9af1ce312d99de04ce2e26fc) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross@burtonini.com> 2022-02-23 12:54:31 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-10 16:39:50 +0000
commit: 16b4a5c2cbcad0edee3a36f90b1c713ded0dde7a (patch)
tree: 3589590da06cf216e87f9063744c93f9f45d01c5 /meta/classes/cve-check.bbclass
parent: 5eaa4463f125b5a1f04140647fc7d8941f27eef7 (diff)
download: poky-16b4a5c2cbcad0edee3a36f90b1c713ded0dde7a.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 21d3da7974..646929d2ed 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -265,7 +265,8 @@ def get_cve_info(d, cves):
    import sqlite3
    cve_data = {}
-    conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE"))
+    db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
+    conn = sqlite3.connect(db_file, uri=True)
    for cve in cves:
        for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)):
author	Ross Burton <ross@burtonini.com>	2022-02-23 12:54:31 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-03-10 16:39:50 +0000
commit	16b4a5c2cbcad0edee3a36f90b1c713ded0dde7a (patch)
tree	3589590da06cf216e87f9063744c93f9f45d01c5 /meta/classes/cve-check.bbclass
parent	5eaa4463f125b5a1f04140647fc7d8941f27eef7 (diff)
download	poky-16b4a5c2cbcad0edee3a36f90b1c713ded0dde7a.tar.gz

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 21d3da7974..646929d2ed 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass
@@ -265,7 +265,8 @@ def get_cve_info(d, cves):
265	import sqlite3	265	import sqlite3
266		266
267	cve_data = {}	267	cve_data = {}
268	conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE"))	268	db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
		269	conn = sqlite3.connect(db_file, uri=True)
269		270
270	for cve in cves:	271	for cve in cves:
271	for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)):	272	for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)):