public inbox for ltp@lists.linux.it
 help / color / mirror / Atom feed
From: Petr Vorel <pvorel@suse.cz>
To: Sachin Sant <sachinp@linux.ibm.com>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] [PATCH v2] doc: generate CVE reproducer statistics
Date: Thu, 23 Apr 2026 14:31:10 +0200	[thread overview]
Message-ID: <20260423123110.GA447647@pevik> (raw)
In-Reply-To: <20260423112439.69230-1-sachinp@linux.ibm.com>

Hi Sachin,

[ Cc Andrea ]

> Add a Sphinx builder hook to parse runtest/cve, collect CVE
> reproducer metadata, and generate a documentation page with
> per-year counts and links to CVE entries and test sources.

> Also include the generated CVE reproducer statistics page from
> doc/users/stats.rst.

Thanks for implementing this.

I'd prefer this to be on a separate page named "CVE Reproducers"
(OT: I'd also prefer to rename "Statistics" to "Supported syscalls", but that's
separate thing.)


More notes:

* I suppose it shouldn't be too hard to do it similarly as what we do in the test
  catalog [1], have each CVE id + optional binary name in parenthesis in the menu
  on the left:

	CVE-2025-38236
	...
	CVE-2016-5195 (dirtyc0w)
	...

  Or, we could have tables by years (i.e. left menu only years with counted
  number of tests in parenthesis)

	2025 (2)
	2023 (3)

  I don't have a strong preference, which one is better.

* Sort by CVE ID descending (newest CVE on the top, people are mostly
  interested at current problems than about history).
* Maybe link to the file should be linked to the test catalog page (which has
  also link to the test source?), e.g. [2] (link could be relative).
* The description is mostly useless (often just CVE ID or "CVE reproducer
  test"), link to the test catalog would help.
* Year is useless (visible from CVE ID)
* Some of the tests don't have link now, e.g. dirtyc0w, snd_timer01.

Kind regards,
Petr

[1] https://linux-test-project.readthedocs.io/en/latest/users/test_catalog.html
[2] https://linux-test-project.readthedocs.io/en/latest/users/test_catalog.html#cve-2016-7042

-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

  reply	other threads:[~2026-04-23 12:31 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-23 11:24 [LTP] [PATCH v2] doc: generate CVE reproducer statistics Sachin Sant
2026-04-23 12:31 ` Petr Vorel [this message]
2026-04-23 13:17   ` Sachin Sant
2026-04-23 13:32 ` [LTP] " linuxtestproject.agent

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260423123110.GA447647@pevik \
    --to=pvorel@suse.cz \
    --cc=ltp@lists.linux.it \
    --cc=sachinp@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox