Ubuntu CVE Tracker

Merge ~alexmurray/ubuntu-cve-tracker:optimise-cve-lib-get-long-kernel-hash into ubuntu-cve-tracker:master

  1. Git
  2. lp:~alexmurray/ubuntu-cve-tracker
  3. optimise-cve-lib-get-long-kernel-hash
  4. Merge into master
Proposed by Alex Murray
Status: Merged
Merged at revision: f77960c691522ef8d1c638bd26f56a5c056cd243
Proposed branch: ~alexmurray/ubuntu-cve-tracker:optimise-cve-lib-get-long-kernel-hash
Merge into: ubuntu-cve-tracker:master
Diff against target: 30 lines (+15/-1)
1 file modified
scripts/cve_lib.py (+15/-1)
Reviewer Review Type Date Requested Status
Seth Arnold Approve
Marc Deslauriers Approve
Review via email: mp+462745@code.launchpad.net

Description of the change

scripts/cve_lib.py: optimise get_long_kernel_hash()

The initial kernel git commit is a single huge commit which added the entire
2.6.12-rc2 kernel into the git repo - as such, fetching this takes a really long
time AND it is both a common Fixes: commit since it is used for anything which
has existed in the kernel since that time. So optimise for this case by checking
specifically if a short_hash matches this and just returning the known full
commit hash in that case without looking it up. Also for the general case, since
we really only need the first line of the commit patch body to get the "From "
line, just fetch the first 1k of the patch without waiting for the rest.

Signed-off-by: Alex Murray <email address hidden>

To post a comment you must log in.
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

LGTM, thanks!

review: Approve
Revision history for this message
Seth Arnold (seth-arnold) wrote :

I like it; 12 chars might be too long for it to ever actually work in practice, but it's a very safe length :)

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
2index d8e274d..95c8f65 100755
3--- a/scripts/cve_lib.py
4+++ b/scripts/cve_lib.py
5@@ -3571,10 +3571,24 @@ def in_break_fixes(commit, break_fixes):
6
7 def get_long_kernel_hash(short_hash):
8 '''Attempts to get a long kernel hash'''
9+ # don't try and fetch the initial kernel git commit as this is huge
10+ INITIAL_COMMIT_HASH="1da177e4c3f41524e886b7f1b8a0c1fc7321cac2"
11+ # but we also don't want to match on a short_hash like '1' either so if we
12+ # are going to use this short-cut ensure we have enough of a short_hash that
13+ # it is likely unique
14+ # [ $(git rev-parse --short $INITIAL_COMMIT_HASH | wc -c) -eq 13 ]
15+ if len(short_hash) > 12 and INITIAL_COMMIT_HASH.startswith(short_hash):
16+ return INITIAL_COMMIT_HASH
17
18 url = 'https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/patch/?id=' + short_hash
19 with urllib.request.urlopen(url) as response:
20- patch = response.read().decode('utf-8')
21+ try:
22+ # we only need the first line of the patch so limit to the first
23+ # 1024 bytes
24+ patch = response.read(1024).decode('utf-8')
25+ except Exception as e:
26+ print("Failed to fetch patch via url '%s': %s" % (url, str(e)), file=sys.stderr)
27+ return short_hash
28
29 for line in patch.split("\n"):
30 if line.startswith("From "):

Subscribers

People subscribed via source and target branches