mirror of
git://git.yoctoproject.org/poky.git
synced 2025-07-19 21:09:03 +02:00
bb0f1625d7
Currently, patchtest has a lot of spread-out definitions for patterns used in various setup and test functions. Organize these by putting them all into a new patterns.py module. This allows the tests/pyparsing directory to be removed, as it is now redundant. Also remove some definitions where they were duplicated or unused, and perform some renames to improve readability and avoid collisions. Many of these variables are composed from others, so the file is only partially sorted. (From OE-Core rev: 1ab55d495957918be532a36224b5598c9955a44d) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
99 lines
4.8 KiB
Python
99 lines
4.8 KiB
Python
# Checks related to the patch's CVE lines
|
|
#
|
|
# Copyright (C) 2016 Intel Corporation
|
|
#
|
|
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
|
|
import base
|
|
import os
|
|
import patterns
|
|
import pyparsing
|
|
|
|
class TestPatch(base.Base):
|
|
|
|
@classmethod
|
|
def setUpClassLocal(cls):
|
|
cls.newpatches = []
|
|
# get just those relevant patches: new software patches
|
|
for patch in cls.patchset:
|
|
if patch.path.endswith('.patch') and patch.is_added_file:
|
|
cls.newpatches.append(patch)
|
|
|
|
cls.mark = str(patterns.signed_off_by_prefix).strip('"')
|
|
|
|
# match PatchSignedOffBy.mark with '+' preceding it
|
|
cls.prog = patterns.patch_signed_off_by
|
|
|
|
def setUp(self):
|
|
if self.unidiff_parse_error:
|
|
self.skip('Parse error %s' % self.unidiff_parse_error)
|
|
|
|
self.valid_status = ', '.join(patterns.upstream_status_nonliteral_valid_status)
|
|
self.standard_format = 'Upstream-Status: <Valid status>'
|
|
|
|
# we are just interested in series that introduce CVE patches, thus discard other
|
|
# possibilities: modification to current CVEs, patch directly introduced into the
|
|
# recipe, upgrades already including the CVE, etc.
|
|
new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
|
|
if not new_cves:
|
|
self.skip('No new CVE patches introduced')
|
|
|
|
def test_upstream_status_presence_format(self):
|
|
if not TestPatch.newpatches:
|
|
self.skip("There are no new software patches, no reason to test Upstream-Status presence/format")
|
|
|
|
for newpatch in TestPatch.newpatches:
|
|
payload = newpatch.__str__()
|
|
if not patterns.upstream_status_regex.search_string(payload):
|
|
self.fail('Added patch file is missing Upstream-Status: <Valid status> in the commit message',
|
|
data=[('Standard format', self.standard_format), ('Valid status', self.valid_status)])
|
|
for line in payload.splitlines():
|
|
if self.patchmetadata_regex.match(line):
|
|
continue
|
|
if patterns.upstream_status_regex.search_string(line):
|
|
if patterns.inappropriate.searchString(line):
|
|
try:
|
|
patterns.upstream_status_inappropriate_info.parseString(line.lstrip('+'))
|
|
except pyparsing.ParseException as pe:
|
|
self.fail('Upstream-Status is Inappropriate, but no reason was provided',
|
|
data=[('Current', pe.pstr), ('Standard format', 'Upstream-Status: Inappropriate [reason]')])
|
|
elif patterns.submitted.searchString(line):
|
|
try:
|
|
patterns.upstream_status_submitted_info.parseString(line.lstrip('+'))
|
|
except pyparsing.ParseException as pe:
|
|
self.fail('Upstream-Status is Submitted, but it is not mentioned where',
|
|
data=[('Current', pe.pstr), ('Standard format', 'Upstream-Status: Submitted [where]')])
|
|
else:
|
|
try:
|
|
patterns.upstream_status.parseString(line.lstrip('+'))
|
|
except pyparsing.ParseException as pe:
|
|
self.fail('Upstream-Status is in incorrect format',
|
|
data=[('Current', pe.pstr), ('Standard format', self.standard_format), ('Valid status', self.valid_status)])
|
|
|
|
def test_signed_off_by_presence(self):
|
|
if not TestPatch.newpatches:
|
|
self.skip("There are no new software patches, no reason to test %s presence" % PatchSignedOffBy.mark)
|
|
|
|
for newpatch in TestPatch.newpatches:
|
|
payload = newpatch.__str__()
|
|
for line in payload.splitlines():
|
|
if self.patchmetadata_regex.match(line):
|
|
continue
|
|
if TestPatch.prog.search_string(payload):
|
|
break
|
|
else:
|
|
self.fail('A patch file has been added without a Signed-off-by tag: \'%s\'' % os.path.basename(newpatch.path))
|
|
|
|
def test_cve_tag_format(self):
|
|
for commit in TestPatch.commits:
|
|
if patterns.cve.search_string(commit.shortlog) or patterns.cve.search_string(commit.commit_message):
|
|
tag_found = False
|
|
for line in commit.payload.splitlines():
|
|
if patterns.cve_payload_tag.search_string(line):
|
|
tag_found = True
|
|
break
|
|
if not tag_found:
|
|
self.fail('Missing or incorrectly formatted CVE tag in patch file. Correct or include the CVE tag in the patch with format: "CVE: CVE-YYYY-XXXX"',
|
|
commit=commit)
|