[oe-commits] [openembedded-core] 26/49: cve-update-db-native: use executemany() to optimise CPE insertion
git at git.openembedded.org
git at git.openembedded.org
Wed Nov 6 20:45:13 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch sumo-next
in repository openembedded-core.
commit d248ec9764d0439eb30fdb3605e9d05ee4219348
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Wed Nov 6 17:37:39 2019 +0200
cve-update-db-native: use executemany() to optimise CPE insertion
Instead of calling execute() repeatedly, rewrite the function to be a generator
and use executemany() for performance.
(From OE-Core rev: b309840b6aa3423b909a43499356e929c8761318)
Signed-off-by: Ross Burton <ross.burton at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
meta/recipes-core/meta/cve-update-db-native.bb | 85 ++++++++++----------------
1 file changed, 32 insertions(+), 53 deletions(-)
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 9470cbe..a5d8e32 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -97,70 +97,49 @@ def initialize_db(c):
VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \
VERSION_END TEXT, OPERATOR_END TEXT)")
-def insert_elt(c, db_values):
- query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)"
- c.execute(query, db_values)
-
def parse_node_and_insert(c, node, cveId):
# Parse children node if needed
- try:
- for child in node['children']:
- parse_node_and_insert(c, child, cveId)
- except:
- pass
-
- # Exit if the cpe_match node does not exists
- try:
- cpe_match = node['cpe_match']
- except:
- return
-
- for cpe in cpe_match:
- if not cpe['vulnerable']:
- return
- cpe23 = cpe['cpe23Uri'].split(':')
- vendor = cpe23[3]
- product = cpe23[4]
- version = cpe23[5]
-
- if version != '*':
- # Version is defined, this is a '=' match
- db_values = [cveId, vendor, product, version, '=', '', '']
- insert_elt(c, db_values)
- else:
- # Parse start version, end version and operators
- op_start = ''
- op_end = ''
- v_start = ''
- v_end = ''
-
- try:
- if cpe['versionStartIncluding']:
+ for child in node.get('children', ()):
+ parse_node_and_insert(c, child, cveId)
+
+ def cpe_generator():
+ for cpe in node.get('cpe_match', ()):
+ if not cpe['vulnerable']:
+ return
+ cpe23 = cpe['cpe23Uri'].split(':')
+ vendor = cpe23[3]
+ product = cpe23[4]
+ version = cpe23[5]
+
+ if version != '*':
+ # Version is defined, this is a '=' match
+ yield [cveId, vendor, product, version, '=', '', '']
+ else:
+ # Parse start version, end version and operators
+ op_start = ''
+ op_end = ''
+ v_start = ''
+ v_end = ''
+
+ if 'versionStartIncluding' in cpe:
op_start = '>='
v_start = cpe['versionStartIncluding']
- except:
- pass
- try:
- if cpe['versionStartExcluding']:
+
+ if 'versionStartExcluding' in cpe:
op_start = '>'
v_start = cpe['versionStartExcluding']
- except:
- pass
- try:
- if cpe['versionEndIncluding']:
+
+ if 'versionEndIncluding' in cpe:
op_end = '<='
v_end = cpe['versionEndIncluding']
- except:
- pass
- try:
- if cpe['versionEndExcluding']:
+
+ if 'versionEndExcluding' in cpe:
op_end = '<'
v_end = cpe['versionEndExcluding']
- except:
- pass
- db_values = [cveId, vendor, product, v_start, op_start, v_end, op_end]
- insert_elt(c, db_values)
+ yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
+
+ c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator())
def update_db(c, json_filename):
import json
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list