Re: [PATCH] cve-check: show whitelisted status

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Adrian Bunk <bunk@stusta.de>
To: chee.yang.lee@intel.com
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] cve-check: show whitelisted status
Date: Sun, 8 Mar 2020 14:22:20 +0200	[thread overview]
Message-ID: <20200308122220.GA29115@localhost> (raw)
In-Reply-To: <1583461646-73057-1-git-send-email-chee.yang.lee@intel.com>

On Fri, Mar 06, 2020 at 10:27:26AM +0800, chee.yang.lee@intel.com wrote:
> From: Chee Yang Lee <chee.yang.lee@intel.com>
> 
> change whitelisted CVE status from "Patched" to "Whitelisted".
>...

Thanks a lot for working on this.

>...
> index 7412436..7f98da6 100644
> --- a/meta/classes/cve-check.bbclass
> +++ b/meta/classes/cve-check.bbclass
> @@ -56,10 +56,10 @@ python do_cve_check () {
>              patched_cves = get_patches_cves(d)
>          except FileNotFoundError:
>              bb.fatal("Failure in searching patches")
> -        patched, unpatched = check_cves(d, patched_cves)
> +        whitelisted, patched, unpatched = check_cves(d, patched_cves)
>...

Unfortunately this doesn't work:

$ . oe-init-build-env
$ echo 'INHERIT += "cve-check"' >> conf/local.conf
$ bitbake core-image-minimal
...
ERROR: glibc-locale-2.31-r0 do_cve_check: Error executing a python function in exec_python_func() autogenerated:

The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_python_func() autogenerated', lineno: 2, function: <module>
     0001:
 *** 0002:do_cve_check(d)
     0003:
File: '/tmp/poky/meta/classes/cve-check.bbclass', lineno: 59, function: do_cve_check
     0055:        try:
     0056:            patched_cves = get_patches_cves(d)
     0057:        except FileNotFoundError:
     0058:            bb.fatal("Failure in searching patches")
 *** 0059:        whitelisted, patched, unpatched = check_cves(d, patched_cves)
     0060:        if patched or unpatched:
     0061:            cve_data = get_cve_info(d, patched + unpatched)
     0062:            cve_write_data(d, patched, unpatched, whitelisted, cve_data)
     0063:    else:
Exception: ValueError: not enough values to unpack (expected 3, got 2)

ERROR: Logfile of failure stored in: /tmp/poky/build/tmp/work/core2-64-poky-linux/glibc-locale/2.31-r0/temp/log.do_cve_check.3713
ERROR: Task (/tmp/poky/meta/recipes-core/glibc/glibc-locale_2.31.bb:do_cve_check) failed with exit code '1'


cu
Adrian

     prev parent reply	other threads:[~2020-03-08 12:22 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-06  2:27 [PATCH] cve-check: show whitelisted status chee.yang.lee
2020-03-08 12:22 ` Adrian Bunk [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200308122220.GA29115@localhost \
    --to=bunk@stusta.de \
    --cc=chee.yang.lee@intel.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox