cve-update-db-native: use executemany() to optimise CPE insertion

Instead of calling execute() repeatedly, rewrite the function to be a generator and use executemany() for performance. (From OE-Core rev: b309840b6aa3423b909a43499356e929c8761318) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-30 12:29:55 +00:00 · 2019-07-19 21:33:17 +01:00
parent ffcf23f5f2
commit 8ec4cd3e2a
1 changed files with 29 additions and 50 deletions
@@ -102,70 +102,49 @@ def initialize_db(c):
        VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \
        VERSION_END TEXT, OPERATOR_END TEXT)")
 def insert_elt(c, db_values):
    query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)"
    c.execute(query, db_values)
 def parse_node_and_insert(c, node, cveId):
    # Parse children node if needed
-    try:
+    for child in node.get('children', ()):
-        for child in node['children']:
+        parse_node_and_insert(c, child, cveId)
            parse_node_and_insert(c, child, cveId)
    except:
        pass
-    # Exit if the cpe_match node does not exists
+    def cpe_generator():
-    try:
+        for cpe in node.get('cpe_match', ()):
-        cpe_match = node['cpe_match']
+            if not cpe['vulnerable']:
-    except:
+                return
-        return
+            cpe23 = cpe['cpe23Uri'].split(':')
            vendor = cpe23[3]
            product = cpe23[4]
            version = cpe23[5]
-    for cpe in cpe_match:
+            if version != '*':
-        if not cpe['vulnerable']:
+                # Version is defined, this is a '=' match
-            return
+                yield [cveId, vendor, product, version, '=', '', '']
-        cpe23 = cpe['cpe23Uri'].split(':')
+            else:
-        vendor = cpe23[3]
+                # Parse start version, end version and operators
-        product = cpe23[4]
+                op_start = ''
-        version = cpe23[5]
+                op_end = ''
                v_start = ''
                v_end = ''
-        if version != '*':
+                if 'versionStartIncluding' in cpe:
            # Version is defined, this is a '=' match
            db_values = [cveId, vendor, product, version, '=', '', '']
            insert_elt(c, db_values)
        else:
            # Parse start version, end version and operators
            op_start = ''
            op_end = ''
            v_start = ''
            v_end = ''
            try:
                if cpe['versionStartIncluding']:
                    op_start = '>='
                    v_start = cpe['versionStartIncluding']
-            except:
+
-                pass
+                if 'versionStartExcluding' in cpe:
            try:
                if cpe['versionStartExcluding']:
                    op_start = '>'
                    v_start = cpe['versionStartExcluding']
-            except:
+
-                pass
+                if 'versionEndIncluding' in cpe:
            try:
                if cpe['versionEndIncluding']:
                    op_end = '<='
                    v_end = cpe['versionEndIncluding']
-            except:
+
-                pass
+                if 'versionEndExcluding' in cpe:
            try:
                if cpe['versionEndExcluding']:
                    op_end = '<'
                    v_end = cpe['versionEndExcluding']
            except:
                pass
-            db_values = [cveId, vendor, product, v_start, op_start, v_end, op_end]
+                yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
-            insert_elt(c, db_values)
+
    c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator())
 def update_db(c, json_filename):
    import json