[1/6] cve-update-db-native: don't hardcode the database name

Message ID 20191118164647.29409-1-ross.burton@intel.com
State Accepted
Commit 0d188a9dc4ae64c64cd661e9d9c3841e86f226ab
Headers show
Series
  • [1/6] cve-update-db-native: don't hardcode the database name
Related show

Commit Message

Ross Burton Nov. 18, 2019, 4:46 p.m.
Don't hardcode the database filename, there's a variable for this in
cve-check.bbclass.

Signed-off-by: Ross Burton <ross.burton@intel.com>

---
 meta/recipes-core/meta/cve-update-db-native.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.20.1

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Comments

Armin Kuster Nov. 18, 2019, 7:11 p.m. | #1
On 11/18/19 8:46 AM, Ross Burton wrote:
> Don't hardcode the database filename, there's a variable for this in

> cve-check.bbclass.

>

> Signed-off-by: Ross Burton <ross.burton@intel.com>


do you recommend these being backported ?

- armin
> ---

>  meta/recipes-core/meta/cve-update-db-native.bb | 4 ++--

>  1 file changed, 2 insertions(+), 2 deletions(-)

>

> diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb

> index 19875a49b1c..c15534de08b 100644

> --- a/meta/recipes-core/meta/cve-update-db-native.bb

> +++ b/meta/recipes-core/meta/cve-update-db-native.bb

> @@ -28,8 +28,8 @@ python do_populate_cve_db() {

>      BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"

>      YEAR_START = 2002

>  

> -    db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK')

> -    db_file = os.path.join(db_dir, 'nvdcve_1.0.db')

> +    db_file = d.getVar("CVE_CHECK_DB_FILE")

> +    db_dir = os.path.dirname(db_file)

>      json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')

>  

>      # Don't refresh the database more than once an hour


-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
Ross Burton Nov. 19, 2019, 9:24 a.m. | #2
On 18/11/2019 19:11, akuster808 wrote:
> 

> 

> On 11/18/19 8:46 AM, Ross Burton wrote:

>> Don't hardcode the database filename, there's a variable for this in

>> cve-check.bbclass.

>>

>> Signed-off-by: Ross Burton <ross.burton@intel.com>

> 

> do you recommend these being backported ?


Yes, that series has some important fixes in.

Ross
-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Patch

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 19875a49b1c..c15534de08b 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -28,8 +28,8 @@  python do_populate_cve_db() {
     BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
     YEAR_START = 2002
 
-    db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK')
-    db_file = os.path.join(db_dir, 'nvdcve_1.0.db')
+    db_file = d.getVar("CVE_CHECK_DB_FILE")
+    db_dir = os.path.dirname(db_file)
     json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
 
     # Don't refresh the database more than once an hour