Ubuntu CVE Tracker

Merge ~iconstantin/ubuntu-cve-tracker:master into ubuntu-cve-tracker:master

  1. Git
  2. lp:~iconstantin/ubuntu-cve-tracker
  3. master
  4. Merge into master
Proposed by Ian Constantin
Status: Merged
Merge reported by: Ian Constantin
Merged at revision: ea1ddb690ff9e1b0b852c44df5886250c86e3876
Proposed branch: ~iconstantin/ubuntu-cve-tracker:master
Merge into: ubuntu-cve-tracker:master
Diff against target: 146 lines (+38/-13)
1 file modified
scripts/cve_lib.py (+38/-13)
Reviewer Review Type Date Requested Status
Alex Murray Approve
Review via email: mp+430354@code.launchpad.net

Commit message

Updated file handling to ensure files are closed after use.

Description of the change

There is a mix of how files are handled in cve_lib and at times the files are not being closed. The sample code below results in the following warnings:

     Warning (from warnings module):
       File "/home/ianc/git-pulls/ubuntu-cve-tracker/scripts/cve_lib.py", line 1832
         for line in codecs.open(cve, encoding="utf-8").readlines():
     ResourceWarning: unclosed file <_io.BufferedReader name='active/CVE-2020-25717'>

     Warning (from warnings module):
       File "/home/ianc/git-pulls/ubuntu-cve-tracker/scripts/cve_lib.py", line 1832
         for line in codecs.open(cve, encoding="utf-8").readlines():
     ResourceWarning: unclosed file <_io.BufferedReader name='active/CVE-2020-25718'>

     Warning (from warnings module):
       File "/home/ianc/git-pulls/ubuntu-cve-tracker/scripts/cve_lib.py", line 1832
         for line in codecs.open(cve, encoding="utf-8").readlines():
     ResourceWarning: unclosed file <_io.BufferedReader name='active/CVE-2020-25719'>

~~~
#!/usr/bin/python3

import optparse, os, sys, warnings

uct_path = "/home/ianc/git-pulls/ubuntu-cve-tracker"
sys.path.insert(0, uct_path + "/scripts") # Need $UCT/scripts in path to find cve_lib
os.chdir(uct_path) # cd'ing to $UCT before importing cve_lib (required)
import cve_lib

with warnings.catch_warnings():
    warnings.simplefilter('default')

    parser = optparse.OptionParser()
    opt, args = parser.parse_args()

    opt.pkgfamily = ""
    opt.debug= ""
    opt.packages = []

    cves = ["CVE-2020-25717", "CVE-2020-25718", "CVE-2020-25719"]
    uems = []

    cve_lib.load_table(cves, uems, opt)
~~~

To post a comment you must log in.
Revision history for this message
Alex Murray (alexmurray) wrote :

LGTM! Thanks.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/cve_lib.py b/scripts/cve_lib.py
2index a402f74..5d3275c 100755
3--- a/scripts/cve_lib.py
4+++ b/scripts/cve_lib.py
5@@ -1302,7 +1302,9 @@ def read_config_file(config_file):
6 # Dapper lacks this class, so reimplement it quickly
7 class ConfigObj(dict):
8 def __init__(self, filepath):
9- for line in open(filepath).readlines():
10+ with open(filepath) as inF:
11+ lines = inF.readlines()
12+ for line in lines:
13 line = line.strip()
14 if line.startswith('#') or len(line) == 0:
15 continue
16@@ -1335,7 +1337,9 @@ def read_config():
17 def drop_dup_release(cve, rel):
18 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
19 saw = set()
20- for line in codecs.open(cve, encoding="utf-8").readlines():
21+ with codecs.open(cve, encoding="utf-8") as inF:
22+ lines = inF.readlines()
23+ for line in lines:
24 if line.startswith('%s_' % (rel)):
25 pkg = line.split('_')[1].split(':')[0]
26 if pkg not in saw:
27@@ -1349,7 +1353,9 @@ def drop_dup_release(cve, rel):
28
29 def clone_release(cve, pkg, oldrel, newrel):
30 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
31- for line in codecs.open(cve, encoding="utf-8").readlines():
32+ with codecs.open(cve, encoding="utf-8") as inF:
33+ lines = inF.readlines()
34+ for line in lines:
35 if line.startswith('%s_%s:' % (oldrel, pkg)):
36 newline = line.replace('%s_%s:' % (oldrel, pkg), '%s_%s:' % (newrel, pkg), 1)
37 output.write(newline)
38@@ -1360,7 +1366,9 @@ def clone_release(cve, pkg, oldrel, newrel):
39
40 def update_state(cve, pkg, rel, state, details):
41 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
42- for line in codecs.open(cve, encoding="utf-8").readlines():
43+ with codecs.open(cve, encoding="utf-8") as inF:
44+ lines = inF.readlines()
45+ for line in lines:
46 if line.startswith('%s_%s:' % (rel, pkg)):
47 line = '%s_%s: %s' % (rel, pkg, state)
48 if details:
49@@ -1373,7 +1381,9 @@ def update_state(cve, pkg, rel, state, details):
50
51 def add_state(cve, pkg, rel, state, details, after_rel):
52 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
53- for line in codecs.open(cve, encoding="utf-8").readlines():
54+ with codecs.open(cve, encoding="utf-8") as inF:
55+ lines = inF.readlines()
56+ for line in lines:
57 if line.startswith('%s_%s:' % (after_rel, pkg)):
58 output.write(line)
59 line = '%s_%s: %s' % (rel, pkg, state)
60@@ -1396,7 +1406,9 @@ def prepend_field(cve, field, value):
61 def update_field(cve, field, value=None):
62 found = False
63 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
64- for line in codecs.open(cve, encoding="utf-8").readlines():
65+ with codecs.open(cve, encoding="utf-8") as inF:
66+ lines = inF.readlines()
67+ for line in lines:
68 if line.startswith('%s:' % (field)):
69 found = True
70 if value is None:
71@@ -1419,7 +1431,9 @@ def drop_field(cve, field):
72 def add_reference(cve, url):
73 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
74 in_references = False
75- for line in codecs.open(cve, encoding="utf-8").readlines():
76+ with codecs.open(cve, encoding="utf-8") as inF:
77+ lines = inF.readlines()
78+ for line in lines:
79 if in_references and not line.startswith(' '):
80 output.write(' ' + url + '\n')
81 in_references = False
82@@ -1452,7 +1466,8 @@ def add_cvss(cve, source, cvss):
83 in_cvss = False
84 found_cvss = False
85 updated = False
86- lines = codecs.open(cve, encoding="utf-8").readlines()
87+ with codecs.open(cve, encoding="utf-8") as inF:
88+ lines = inF.readlines()
89 for line in lines:
90 if not line.startswith('CVSS:') and not in_cvss:
91 output.write(line)
92@@ -1531,7 +1546,9 @@ def add_patch(cve, pkg, url, type="patch"):
93 in_patch = False
94
95 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
96- for line in codecs.open(cve, encoding="utf-8").readlines():
97+ with codecs.open(cve, encoding="utf-8") as inF:
98+ lines = inF.readlines()
99+ for line in lines:
100 if in_patch and not line.startswith(' '):
101 output.write(' ' + type + ': ' + url + '\n')
102 in_patch = False
103@@ -1558,7 +1575,9 @@ def update_multiline_field(cve, field, text):
104 text = '\n' + text
105 output = codecs.open(cve + ".new", 'w', encoding="utf-8")
106 skip = 0
107- for line in codecs.open(cve, encoding="utf-8").readlines():
108+ with codecs.open(cve, encoding="utf-8") as inF:
109+ lines = inF.readlines()
110+ for line in lines:
111 if skip and line.startswith(' '):
112 continue
113 skip = 0
114@@ -1828,8 +1847,9 @@ def load_cve(cve, strict=False, srcmap=None):
115 linenum = 0
116 notes_parser = NotesParser()
117 cvss_entries = []
118-
119- for line in codecs.open(cve, encoding="utf-8").readlines():
120+ with codecs.open(cve, encoding="utf-8") as inF:
121+ lines = inF.readlines()
122+ for line in lines:
123 line = line.rstrip()
124 linenum += 1
125
126@@ -2343,6 +2363,8 @@ def load_debian_cves(filename, verbose=True):
127 except:
128 print("Error parsing line %d: '%s'" % (count, line), file=sys.stderr)
129 raise
130+
131+ cvelist.close()
132 return debian
133
134
135@@ -2351,7 +2373,10 @@ def load_ignored_reasons(filename):
136
137 ignored = dict()
138
139- for line in open(filename):
140+ with open(filename) as inF:
141+ lines = inF.readlines()
142+
143+ for line in lines:
144 line = line.strip()
145 if len(line) == 0 or line.startswith('#'):
146 continue

Subscribers

People subscribed via source and target branches