From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 6/9] package/pkg-utils: cve.py: Handle exception when version comparison fails
Date: Thu, 9 Jul 2020 10:52:08 +0200 [thread overview]
Message-ID: <20200709105208.6949668a@windsurf> (raw)
In-Reply-To: <20200708164006.859021-7-gregory.clement@bootlin.com>
On Wed, 8 Jul 2020 18:40:03 +0200
Gregory CLEMENT <gregory.clement@bootlin.com> wrote:
> With python 3, when a package has a version number x-y-z instead of
> x.y.z, then the version returned by LooseVersion can't be compared
> which raises an exception.
>
> This patch handles this exception by adding a new return value when
> the comparison can't be done.
>
> Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Could you re-organize the series to have this patch first ? Indeed,
this is a fix, we want to apply it both to master *and* backport it to
older branches as well.
I just ran pkg-stats this morning on a Python 3.x system, and it
exploded due to this exception.
However, are you sure just this patch as-is works fine ? The "affects"
function returned just a boolean, and now in some cases it returns a
string. How can this work without changes elsewhere in the code ?
I think it is not a great design to have a function that sometimes
returns a boolean type, sometimes returns a string. It probably needs
to be changed to return:
CVE_AFFECTS
CVE_DOESNT_AFFECT
CVE_UNKNOWN
or some other similar macros.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
next prev parent reply other threads:[~2020-07-09 8:52 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-08 16:39 [Buildroot] [PATCH 0/9] Improving CVE reporting Gregory CLEMENT
2020-07-08 16:39 ` [Buildroot] [PATCH 1/9] support/scripts: Turn CVE check into a module Gregory CLEMENT
2020-07-08 16:54 ` Thomas Petazzoni
2020-07-09 7:34 ` Gregory CLEMENT
2020-07-08 16:39 ` [Buildroot] [PATCH 2/9] support/scripts/cve.py: Switch to JSON 1.1 Gregory CLEMENT
2020-07-08 16:40 ` [Buildroot] [PATCH 3/9] package/pkg-utils: show-info: report the list of the CVEs ignored Gregory CLEMENT
2020-07-08 16:53 ` Thomas Petazzoni
2020-07-08 16:40 ` [Buildroot] [PATCH 4/9] package/pkg-utils: Make CVE class independent of the Pacakage class Gregory CLEMENT
2020-07-08 16:40 ` [Buildroot] [PATCH 5/9] support/scripts: Add a per configuration CVE checker Gregory CLEMENT
2020-07-08 18:30 ` Matthew Weber
2020-07-09 8:41 ` Gregory CLEMENT
2020-07-09 9:03 ` Gregory CLEMENT
2020-07-09 11:46 ` Matthew Weber
2020-07-08 16:40 ` [Buildroot] [PATCH 6/9] package/pkg-utils: cve.py: Handle exception when version comparison fails Gregory CLEMENT
2020-07-09 8:52 ` Thomas Petazzoni [this message]
2020-07-08 16:40 ` [Buildroot] [PATCH 7/9] support/script/pkg-stats: Manage the CVEs that need to be check Gregory CLEMENT
2020-07-09 9:00 ` Thomas Petazzoni
2020-07-08 16:40 ` [Buildroot] [PATCH 8/9] support/script/cve-checker: " Gregory CLEMENT
2020-07-08 16:40 ` [Buildroot] [PATCH 9/9] package/pkg-utils/cve.py: Manage case when package version doesn't exist Gregory CLEMENT
-- strict thread matches above, loose matches on Subject: below --
2020-07-10 11:22 [Buildroot] [PATCH 0/9] Improving CVE reporting Gregory CLEMENT
2020-07-10 11:22 ` [Buildroot] [PATCH 6/9] package/pkg-utils: cve.py: Handle exception when version comparison fails Gregory CLEMENT
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200709105208.6949668a@windsurf \
--to=thomas.petazzoni@bootlin.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.