Ubuntu CVE Tracker

Merge ~sahnaseredini/ubuntu-cve-tracker:amir-dev into ubuntu-cve-tracker:master

  1. Git
  2. lp:~sahnaseredini/ubuntu-cve-tracker
  3. amir-dev
  4. Merge into master
Proposed by Amir Naseredini
Status: Merged
Approved by: Amir Naseredini
Approved revision: 9b58c370f87ca2bc4f00668ffcbaeb8f8ca5cd66
Merged at revision: 1203150c0f53fb1b33406914a010e05eef1d7036
Proposed branch: ~sahnaseredini/ubuntu-cve-tracker:amir-dev
Merge into: ubuntu-cve-tracker:master
Diff against target: 72 lines (+16/-8)
2 files modified
scripts/pkg_history (+10/-5)
scripts/pkg_status (+6/-3)
Reviewer Review Type Date Requested Status
Spyros Seimenis Approve
Review via email: mp+444985@code.launchpad.net

Commit message

Changing the relative addresses to absolute addresses

Description of the change

There are some cases where a relative address is used in scripts/pkg_history
and scripts/pkg_status which doesn't let the code to run correctly everywhere.
This PR proposes the changes required to change the relative addresses to
absolute addresses in order to solve the issue.

To post a comment you must log in.
Revision history for this message
Spyros Seimenis (sespiros) wrote :

Hey Amir, thanks for the fixes. pkg_history might need an extra change as as it is, it would break for people using it with shells that are not bash (due to "BASH_SOURCE" missing). For example I am on zsh and I get:

scripts/pkg_history: 13: Bad substitution
dirname: missing operand

A workaround would be to simply change the shebang at the top of the pkg_history script to explicitly invoke #!/usr/bin/bash rather than #!/bin/sh (which is linked to dash in Ubuntu). pkg_status already uses #!/bin/bash and I see most scripts in UCT do the same so I guess that would be fine.

Apparently this seems like one of those rabbit-hole issues if you wanted to do that while still being POSIX compliant i.e check out https://stackoverflow.com/questions/29832037/how-to-get-script-directory-in-posix-sh

review: Needs Fixing
Revision history for this message
Amir Naseredini (sahnaseredini) wrote :

Hey Spyros, thanks for the review and comments. I made the following change:

* changed the shebang to invoke bash

Let me know what you think. Thanks

Revision history for this message
Spyros Seimenis (sespiros) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/scripts/pkg_history b/scripts/pkg_history
2index 8bc0677..022ce2d 100755
3--- a/scripts/pkg_history
4+++ b/scripts/pkg_history
5@@ -1,4 +1,4 @@
6-#!/bin/sh
7+#!/bin/bash
8
9 # Author: Jamie Strandboge <jamie@ubuntu.com>
10 # Copyright (C) 2013 Canonical Ltd.
11@@ -9,6 +9,9 @@
12
13 set -e
14
15+# finding ubuntu-cve-tracker
16+UCT_DIR="$( dirname $( dirname "${BASH_SOURCE[0]}" ))"
17+
18 showfull="no"
19 release=
20 showstatus="no"
21@@ -59,17 +62,19 @@ for pkg in "$@"; do
22 dirs="active"
23 fi
24 for d in ${dirs} ; do
25- for cve in `grep "$pattern" ./$d/CVE-* | \
26+ for cve in `grep "$pattern" "${UCT_DIR}/${d}/CVE-"* | \
27 cut -d ':' -f 1 | \
28- cut -d '/' -f 3 | \
29+ rev | \
30+ cut -d '/' -f 1 | \
31+ rev | \
32 sort -u` ; do
33 if [ "$showfull" = "yes" ]; then
34 echo ""
35- cat "./$d/$cve"
36+ cat "${UCT_DIR}/$d/$cve"
37 echo ""
38 else
39 if [ "$showstatus" = "yes" ]; then
40- status=$(grep "^$pattern" "./${d}/${cve}" | cut -d ':' -f 2-)
41+ status=$(grep "^$pattern" "${UCT_DIR}/${d}/${cve}" | cut -d ':' -f 2-)
42 echo "${cve}${status}"
43 else
44 echo "$cve"
45diff --git a/scripts/pkg_status b/scripts/pkg_status
46index 78fe49b..87f218a 100755
47--- a/scripts/pkg_status
48+++ b/scripts/pkg_status
49@@ -11,6 +11,9 @@
50 set -e
51 set -o pipefail
52
53+# finding ubuntu-cve-tracker
54+UCT_DIR="$( dirname $( dirname "${BASH_SOURCE[0]}" ))"
55+
56 #
57 # Usage:
58 # ./scripts/pkg_status pkgname1 pkgname2 ...
59@@ -54,10 +57,10 @@ for p in "$@"; do
60 pkgs="${pkgs} -p ${p}"
61 done
62 if [ "$showfull" = "yes" ]; then
63- CVES=$(./scripts/ubuntu-table $only_release $skip_esm $subproject $assigned $released_info --supported $nvd $pkgs 2>/dev/null | sort -k 2 | grep -v '^ ' | awk '{print $1}')
64- echo "$CVES" | xargs ./scripts/cve_status -f
65+ CVES=$(${UCT_DIR}/scripts/ubuntu-table $only_release $skip_esm $subproject $assigned $released_info --supported $nvd $pkgs 2>/dev/null | sort -k 2 | grep -v '^ ' | awk '{print $1}')
66+ echo "$CVES" | xargs ${UCT_DIR}/scripts/cve_status -f
67 else
68- REPORT=$(./scripts/ubuntu-table $only_release $skip_esm $subproject $assigned $released_info --supported $nvd $pkgs 2>/dev/null)
69+ REPORT=$(${UCT_DIR}/scripts/ubuntu-table $only_release $skip_esm $subproject $assigned $released_info --supported $nvd $pkgs 2>/dev/null)
70 if [ -n "$REPORT" ]; then
71 echo "$REPORT" | head -n1
72 echo "$REPORT" | tail -n +2 | sort -n

Subscribers

People subscribed via source and target branches