diff options
Diffstat (limited to 'meta/lib/patchtest/tests/test_mbox_cve.py')
| -rw-r--r-- | meta/lib/patchtest/tests/test_mbox_cve.py | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/meta/lib/patchtest/tests/test_mbox_cve.py b/meta/lib/patchtest/tests/test_mbox_cve.py index 36548aa10c..af3712c192 100644 --- a/meta/lib/patchtest/tests/test_mbox_cve.py +++ b/meta/lib/patchtest/tests/test_mbox_cve.py | |||
| @@ -20,12 +20,13 @@ | |||
| 20 | import base | 20 | import base |
| 21 | import os | 21 | import os |
| 22 | import parse_cve_tags | 22 | import parse_cve_tags |
| 23 | import re | 23 | import pyparsing |
| 24 | 24 | ||
| 25 | class CVE(base.Base): | 25 | class CVE(base.Base): |
| 26 | 26 | ||
| 27 | revert_shortlog_regex = re.compile('Revert\s+".*"') | 27 | revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"') |
| 28 | prog = parse_cve_tags.cve_tag | 28 | prog = parse_cve_tags.cve_tag |
| 29 | patch_prog = parse_cve_tags.patch_cve_tag | ||
| 29 | 30 | ||
| 30 | def setUp(self): | 31 | def setUp(self): |
| 31 | if self.unidiff_parse_error: | 32 | if self.unidiff_parse_error: |
| @@ -34,15 +35,17 @@ class CVE(base.Base): | |||
| 34 | # we are just interested in series that introduce CVE patches, thus discard other | 35 | # we are just interested in series that introduce CVE patches, thus discard other |
| 35 | # possibilities: modification to current CVEs, patch directly introduced into the | 36 | # possibilities: modification to current CVEs, patch directly introduced into the |
| 36 | # recipe, upgrades already including the CVE, etc. | 37 | # recipe, upgrades already including the CVE, etc. |
| 37 | new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file] | 38 | new_patches = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file] |
| 38 | if not new_cves: | 39 | if not new_patches: |
| 39 | self.skip('No new CVE patches introduced') | 40 | self.skip('No new patches introduced') |
| 40 | 41 | ||
| 41 | def test_cve_presence_in_commit_message(self): | 42 | def test_cve_presence_in_commit_message(self): |
| 42 | for commit in CVE.commits: | 43 | for commit in CVE.commits: |
| 43 | # skip those patches that revert older commits, these do not required the tag presence | 44 | # skip those patches that revert older commits, these do not required the tag presence |
| 44 | if self.revert_shortlog_regex.match(commit.shortlog): | 45 | if self.revert_shortlog_regex.search_string(commit.shortlog): |
| 45 | continue | 46 | continue |
| 46 | if not self.prog.search_string(commit.payload): | 47 | if not self.patch_prog.search_string(commit.payload): |
| 48 | self.skip("No CVE tag in added patch, so not needed in mbox") | ||
| 49 | elif not self.prog.search_string(commit.payload): | ||
| 47 | self.fail('Missing or incorrectly formatted CVE tag in mbox. Correct or include the CVE tag in the mbox with format: "CVE: CVE-YYYY-XXXX"', | 50 | self.fail('Missing or incorrectly formatted CVE tag in mbox. Correct or include the CVE tag in the mbox with format: "CVE: CVE-YYYY-XXXX"', |
| 48 | commit=commit) | 51 | commit=commit) |