index : openembedded-core-contrib	ChenQi/BUG8314 ChenQi/CONFFILES ChenQi/CVE-2016-7795 ChenQi/IMAGE_ROOTFS_SIZE ChenQi/PU-20150601 ChenQi/PU-20150624 ChenQi/PU-20150723 ChenQi/PU-20150805 ChenQi/PU-20160111 ChenQi/PU-20160612 ChenQi/PU-20160617 ChenQi/PU-20160623 ChenQi/PU-20160624 ChenQi/PU-20160715 ChenQi/PU-20160819 ChenQi/PU20160218 ChenQi/SDK-installation ChenQi/SDK-noexec ChenQi/YP8670 ChenQi/aarch64-multilib ChenQi/alsa-state-systemd ChenQi/alternatives-nologin ChenQi/bind-configuration ChenQi/bind-db-255 ChenQi/bind-long-path ChenQi/bootchart2 ChenQi/bug-5539-7137 ChenQi/bug10250 ChenQi/bug6698 ChenQi/bug8670 ChenQi/buildstats-summary ChenQi/busybox-1.25.1 ChenQi/busybox-resize ChenQi/busybox-syslog ChenQi/cmake-native-acl ChenQi/coreutils ChenQi/coreutils-6.9-acl ChenQi/coreutils-8.24 ChenQi/coreutils-uname ChenQi/cpio-testcase ChenQi/cups-2.1.2 ChenQi/cups-pam ChenQi/daisy-rootfs-postinsts ChenQi/daisy-systemd-uclibc-alloca ChenQi/dbus-1.10.6 ChenQi/dbus-1.8.20 ChenQi/dbus-test-do_install ChenQi/debian-multilib ChenQi/dhcp-gentle-shutdown ChenQi/diffutils-diffstat ChenQi/distro_features_libc ChenQi/dora-populate-extfs ChenQi/etc-pam ChenQi/ext-sdk-3-fixes ChenQi/gettext-native ChenQi/gettext-sysroot ChenQi/git-2.11.0 ChenQi/grub-armv7a ChenQi/grub2-largefile ChenQi/hardcoding ChenQi/image-BUILDNAME ChenQi/initramfs-uuid ChenQi/initscripts-functions-rework ChenQi/iproute2-configure ChenQi/kmod-20 ChenQi/kmod-21 ChenQi/layer_extra_sanity ChenQi/libarchive-priority ChenQi/libpam-systemd ChenQi/locale-fix ChenQi/log-check-license-warn ChenQi/lsbinitscripts ChenQi/meta-environment ChenQi/mktemp-coreutils ChenQi/multilib-SYSTEMD_SERVICE ChenQi/nativesdk-PKGDATA_DIR ChenQi/nativesdk-pigz-alternative ChenQi/nfs-utils-rpcuser ChenQi/nfs-utils-segfault ChenQi/nfs-utils-systemd ChenQi/nologin-alternatives ChenQi/openssh-pam ChenQi/openssl-libcrypto ChenQi/opkg-tmpdir ChenQi/package-file-modes ChenQi/package-upgrade-20150408 ChenQi/package-upgrade-20150427 ChenQi/package-upgrades ChenQi/package-upgrades-2 ChenQi/package-upgrades-20140413 ChenQi/pciutils-PACKAGECONFIG ChenQi/perl-plan9 ChenQi/persistent-var-log ChenQi/populate-volatile-cache ChenQi/populate_sdk_base-manifest ChenQi/populate_sdk_ext_2_fixes ChenQi/portmap-systemd ChenQi/procps-sysctl.d ChenQi/python-fixes ChenQi/qa-unsafe ChenQi/qemu-console ChenQi/recipetool-license ChenQi/remove-udev-utils ChenQi/rootfs-log-check ChenQi/rootfs-postinsts ChenQi/rpcbind-systemd ChenQi/rpm-lua ChenQi/rpm-macros ChenQi/rpm2cpio ChenQi/rsync-usleep ChenQi/runqemu-extract-sdk-paths ChenQi/runqemu-internal-error-message ChenQi/runuser-pam ChenQi/sdk-exclude-layers ChenQi/sdktool ChenQi/shadow-4.2.1 ChenQi/shadow-su ChenQi/signing-keys ChenQi/siteconfig ChenQi/sstatesig-logic ChenQi/sudo-1.8.10p3 ChenQi/sudo_volatile ChenQi/sulogin-shadow ChenQi/sysstat-tmpfiles ChenQi/system-user ChenQi/systemd-SULOGIN-path ChenQi/systemd-audit ChenQi/systemd-bind9 ChenQi/systemd-container ChenQi/systemd-dhcpd ChenQi/systemd-libdir ChenQi/systemd-libidn ChenQi/systemd-manpages ChenQi/systemd-misc-fixes ChenQi/systemd-multilib ChenQi/systemd-networkd ChenQi/systemd-qemuarm64 ChenQi/systemd-rdepends ChenQi/systemd-read-only ChenQi/systemd-sysctl ChenQi/systemd-syslog-service ChenQi/systemd-uclibc-alloca ChenQi/systemd-udev-hwdb ChenQi/systemd-udev-hwdb-update ChenQi/systemd-user-units ChenQi/systemd-valgrind ChenQi/systemd-valgrindheader ChenQi/systemd_215 ChenQi/systemd_alsa-state_v86d ChenQi/systemd_readonly ChenQi/tcf-agent ChenQi/toolchain-shar-extract ChenQi/toolchain-site-config ChenQi/typo-fix ChenQi/udev-cache-stat ChenQi/uninative-tarball-fixes ChenQi/unsafe-reference ChenQi/update-alternatives-double-slash ChenQi/updatercd-priority ChenQi/util-linux-2.25.2 ChenQi/util-linux-CVE-2014-9114 ChenQi/webkitgtk-mips64 abelloni/master-next abelloni/master-next-success akusgter/bind_update akuster/bind_9.16_wip akuster/bind_update akuster/cve_checker2 akuster/for-stable-morty akuster/jethro-next akuster/lsb_wip akuster/ltp_runtime_wip akuster/master-pkg-updates akuster/master-pkg-upgrade akuster/master-updates akuster/master_pkg_update akuster/master_qa akuster/morty-next akuster/mut akuster/mut-x11 akuster/mv_thud akuster/pkg_test akuster/pybootchart_wip akuster/qa akuster/qa_changes akuster/qa_rebase akuster/qa_testing akuster/warrior_toolchain_tests akuster/ycl_selftest aldot/fixes anujm/gatesgarth anujm/hardknott anujm/honister anujm/wip anujm/zeus anujm/zeus2 cazfi/am14 cazfi/up dankm/base-permissions dankm/cft-patchelf dankm/dizzy-backports dankm/gcc-6 dankm/glibc-2.21 dankm/libdir dankm/misc-updates dankm/nfsv4 dankm/signed-sstate dankm/sstate dankm/systemd dankm/systemd-docs dankm/vecima/externalsrc dankm/vecima/misc ddk/fix-some-error-for-archiver-bbclass dengke/LSB_Update_to_5.0 dengke/add-systemd-service-for-rng_tools dengke/busybox-fix-sed-n-testcase-failure dengke/cdrtools-native-update-to-3.02 dengke/correct_the_case_for_class-native dengke/cracklib-fix-CVE-2016-6318 dengke/del-extra-varflag-set-for-autotools_copy_aclocals dengke/dosfstools-upgrade-to-4.1 dengke/enable-help-man-pages-for-perf dengke/filter-lttng-tools-ptest-output dengke/fix-apr-configure-error-for-cross-compiling dengke/fix-can-not-create-diff-tarball dengke/fix-svnadmin-create-fail dengke/fix-trace_cmd-QA-warning dengke/fix-yocto-bug-7984 dengke/fixed-bash-ptest-run-builtins-failed dengke/ltp-upgrade-to-20170116 dengke/nativesdk-coreutils_many_warnings_fixed dengke/ncurses_drop_compatible_option dengke/openssh-upgrade-to-7.4p1 dengke/pTest-strace-fail-fixed dengke/pTest-tcl-fail-fixed dengke/quilt-ptest-fail-fixed dengke/upgrade-ncurses denix/master dvhart/beagleboard fido hrw/aarch64-support hrw/libtirpc jansa/OEBasickHashLite jansa/YOCTO-9217 jansa/artifacts jansa/binutils jansa/cargo jansa/daisy jansa/dizzy jansa/dora jansa/dunfell jansa/dunfell-connman jansa/dunfell-icu jansa/dylan jansa/fido jansa/gatesgarth jansa/go jansa/hardknott jansa/honister jansa/insane jansa/io_uring jansa/jethro jansa/kirkstone jansa/krogoth jansa/langdale jansa/master jansa/master-gcc14 jansa/master-uninative-3.9-gcc-13 jansa/mickledore jansa/morty jansa/multilib jansa/nanbield jansa/optdefaulttune jansa/pseudo jansa/pseudo2 jansa/pull jansa/pyro jansa/rocko jansa/rpm-user-defined jansa/scarthgap jansa/sumo jansa/target-image jansa/thud jansa/tune-test jansa/tune-test-dunfell jansa/warrior jansa/webrtc jansa/world-image jansa/zeus joshuagl/buildtools joshuagl/copyhard joshuagl/fido-next joshuagl/getvar joshuagl/liboe joshuagl/packagefeed-stability joshuagl/runqemu joshuagl/secflags joshuagl/selftest-gplv2 joshuagl/sstate-xattr joshuagl/xattr joshuagl/xattr-fixup kergoth/devshell kergoth/oe-sync-base kergoth/oe-sync-image-features kraj/busybox-ar kraj/gcc-graphite kraj/gcc11 kraj/glibc-2.29 kraj/glibc-2.34 kraj/master kraj/misc kraj/morty kraj/patchelf kraj/pu kraj/pu-1 kraj/qemuppc64le kraj/runit kraj/toolchain-updates likewise/gnuspe lucaceresoli/master-next lucaceresoli/master-next-success m5 marquiz/bitbake/checksum-refactor marquiz/bitbake/fixes marquiz/buildperf/buildstats marquiz/buildperf/fixes marquiz/buildperf/git-import marquiz/buildperf/scripts marquiz/fixes-9338 marquiz/fixes-9338-v2 marquiz/fixes-9338-v3 marquiz/obssignd marquiz/rpmsign2 marquiz/scripts marquiz/siggen master master-next meta-yocto/stable/thud-nmut mgh/pkg-strip mgh/rpm_dep_regression mgh/xilinx-microblaze mhatle/gcc-libitm mhatle/prelink mhatle/rpm-5.4.16 misc obi/denzil obi/dora obi/dora-stable obi/krogoth obi/krogoth-stable obi/pyro obi/zeus oe_contrib/rbt/prserv paule/bracket-fixes paule/buildhistory-cmdline-memres paule/buildhistory-fix1 paule/buildhistory-fixes2 paule/buildhistory-sigs paule/buildhistory-single-commit paule/buildhistory-src-uri paule/ca-certificates-native paule/copyleft-agpl paule/core-fixes paule/correctness-fixes paule/create-pull-request paule/create-pull-request-cgit paule/ddimage-fixes2 paule/devtool-edit-recipe-selftest-fix paule/devtool-fetch-fix paule/devtool-fetch-fix-pyro paule/devtool-git-fix1 paule/devtool-localfiles paule/devtool-menuconfig paule/devtool-recipeutils-fixes paule/devtool-selftest-fix paule/devtool-singletask-lock-fix paule/devtool-tinfoil2-fix paule/devtool-update-recipe paule/devtool-upgrade-fixes paule/devtool-utf8 paule/devtool17-oe paule/devtool18 paule/devtool19-oe paule/devtool20-oe paule/devtool21-oe paule/devtool22-oe paule/devtool23-oe paule/devtool25 paule/devtool26 paule/devtool27 paule/devtool28-oe paule/devtool29-oe paule/devtool30-oe paule/devtool31-oe paule/devtool32-oe paule/devtool33-oe paule/devtool36-oe paule/devtool37-oe paule/diffsigs paule/diffsigs-fixes-oe paule/distrodata-selftest-fix paule/esdk-eclipse-fix paule/esdk-fixes3 paule/esdk-fixes4 paule/esdk-initramfs-fixes paule/esdk-require-uninative paule/esdk-runqemu-fixes paule/esdk-runqemu-path paule/esdk-selftest-fix paule/esdk-sigs-fix paule/externalsrc-cleandirs-fixes paule/externalsrc-configure paule/externalsrc-symlinks-fix paule/extsdk-path-fixes paule/extsdk-test-fix paule/extsdkfixes12-oe paule/extsdkfixes13-oe paule/fitimage paule/fixes paule/fixes1 paule/gcc-omp-fix-daisy paule/gcc-runtime paule/graph-tool paule/kernel-check paule/kernel-symlinks paule/krogoth-fixes-oe paule/libcap-ng-symlink-fix paule/libssp-sdk paule/libssp-sdk-morty paule/lic-sha256-drop paule/memres-init-param-order paule/nativesdk-qemu-helper paule/npm-fixes3 paule/npm-install-fix paule/oe-init-bitbake paule/oe-run-native-fixes paule/oe-selftest-devtool-fix paule/oe-selftest-mkelfimage paule/oetypes-fix paule/packagefeed-stability paule/patch-fixes paule/pyro-esdk-initramfs-fix-oe paule/recipetool-fetchuri paule/recipetool-fix2 paule/recipetool-fixes2-oe paule/recipetool-fixes3 paule/recipetool-fixes4 paule/recipetool-fixes5 paule/recipetool-fixes6 paule/recipetool-fixes7 paule/recipetool-fixes8 paule/recipetool-npm-fixes2 paule/retain paule/rootfs-log-check-oe paule/rpm4-remove paule/runqemu-fixes-oe paule/sdk-fixes paule/server-fixes paule/socat-license paule/startup-oe paule/startup-oe2 paule/summary paule/swig-nodejs-7 paule/symlinks-fix paule/templateconf paule/tinfoil-fixes-oe paule/tinfoil2-fixes-oecore paule/whitelist paule/wic-pseudo paule/workdir_save paule/yocto-compat-rename pbarker/opkg-refactor pbarker/opkg-v0.3.0-rc2 pbarker/python3-ptest pkj/_PYTHON_SYSCONFIGDATA_NAME-dunfell pkj/_PYTHON_SYSCONFIGDATA_NAME-gatesgarth python3-pycairo rbt/2fixes rbt/2ssfixes rbt/3fixes rbt/4fixes rbt/6fixes rbt/PU rbt/aarch64_lib32 rbt/ac-cv rbt/ac_cv rbt/acl rbt/alternatives rbt/apr rbt/apt rbt/ar_srcuri rbt/archiver rbt/archiver2 rbt/arm rbt/arm64 rbt/ascii rbt/assimp rbt/assimp-hardknott rbt/bb rbt/bbconf rbt/binutils rbt/blacklist rbt/bluez rbt/bluze5 rbt/bool rbt/bp rbt/bt rbt/buildpath rbt/buildpaths rbt/bz2 rbt/ccache rbt/cf rbt/check rbt/clean rbt/cmake rbt/conf rbt/conffiles rbt/core rbt/coreutils rbt/cp rbt/cpr rbt/cross rbt/crypt rbt/db rbt/debug rbt/deploy rbt/desktop rbt/deterministic rbt/dev rbt/devtool rbt/doc rbt/dummy rbt/dump rbt/e2fsprogs rbt/eSDK rbt/efi rbt/elf rbt/elfutils rbt/epiphany rbt/error rbt/error_report rbt/expect rbt/ext rbt/extract rbt/feed rbt/fetch rbt/file rbt/find-sysroot rbt/fix_from_wr rbt/for_hq1 rbt/ft rbt/gcc rbt/gettext rbt/getvar rbt/github rbt/glibc rbt/glibc-site rbt/gnupg rbt/go rbt/gtk rbt/hddimg rbt/home rbt/ht rbt/image rbt/img rbt/init rbt/initramfs rbt/insane rbt/ipk rbt/iso rbt/iso_efi rbt/jethro-next rbt/json rbt/kbd rbt/kbranch rbt/kernel rbt/kill-bb rbt/kvm rbt/li_recs rbt/lib32-gcc rbt/libiconv rbt/libnl rbt/lic rbt/license rbt/license-hardknott rbt/license-honister rbt/linux rbt/list rbt/live rbt/live_warn rbt/logrotate rbt/long rbt/low_version rbt/lsb rbt/lttng rbt/make rbt/mc rbt/meta rbt/mips rbt/mkdir rbt/ml_iso rbt/mlib rbt/mlqa rbt/mode rbt/multilib rbt/multilib_esdk rbt/multilib_sdk rbt/mutilib rbt/n32 rbt/native rbt/ncurses rbt/network rbt/oe-dot rbt/oeqa rbt/openssl rbt/overlay rbt/package rbt/path rbt/pc rbt/pcre rbt/pcre2 rbt/perl rbt/pkg rbt/post rbt/prelink rbt/prserv rbt/pseudo rbt/ptest rbt/pu rbt/pull rbt/py rbt/py3 rbt/python rbt/python-async rbt/qa rbt/qb rbt/qemu rbt/qemu_test rbt/qemu_v2 rbt/qemuarm rbt/qemuppc rbt/qemux86 rbt/qt rbt/qt4 rbt/race rbt/rebuild rbt/relative rbt/rerun rbt/resend rbt/rm rbt/root rbt/rpm rbt/rq rbt/rq-gen-tap rbt/rq_lock rbt/rss rbt/runqemu rbt/runqueue rbt/scm rbt/sdk rbt/sdk_time rbt/smart rbt/socat rbt/ss rbt/sstate rbt/stderr rbt/stress-ng rbt/subprocess rbt/symlink rbt/sys rbt/syslinux rbt/systemd rbt/systemd_lz4 rbt/tap rbt/tcl rbt/terminal rbt/test rbt/testtools rbt/time rbt/tiny rbt/tools rbt/uboot rbt/uboot_py rbt/udev rbt/unused rbt/up rbt/up_2 rbt/use_qemu rbt/useradd rbt/warn rbt/watdog rbt/webkitgtk rbt/weston rbt/wic rbt/xml rbt/xmlto rbt/xuser rbt/zstd rewitt/newsdk rfcqacheck robert/dora-next robert/rpm ross/master ross/uninative rpurdie/debugsymbols rpurdie/glibc-revert rpurdie/glibc-revert2 rpurdie/master-next rpurdie/staging rpurdie/wip-rss rt/feed sergeimir/spdx2_sync sgw/jethro stable/dunfell-next stable/dunfell-nut stable/gatesgarth-next stable/hardknott-next stable/honister-next stable/jethro-lts stable/kirkstone-next stable/kirkstone-nut stable/langdale-next stable/langdale-nut stable/mickledore-next stable/mickledore-nut stable/morty-next stable/nanbield-next stable/nanbield-nut stable/pyro-next stable/rocke-next stable/rocko-next stable/scarthgap-next stable/scarthgap-nut stable/sumo-community stable/sumo-next stable/sumo-nmut stable/sumo-test stable/thud-next stable/thud-nmut stable/thud-nut stable/thud-nut2 stable/warrior-next stable/warrior-nmut stable/warrior-nut stable/zeus-next stable/zeus-nmut stable/zeus-nut stable/zeus-nut2 stable/zeus-nut_wip tanuk/updates tgamblin/patchtest timo/a11y-updates-20200501 timo/a11y-updates_20200428 timo/a11y-upgrades timo/add-pytest-to-oe-core timo/clutter-1.18.4 timo/cogl-clutter-1.18 timo/cogl-clutter-wayland-weston-updates timo/core-deprecate-distutils_14610 timo/cpanminus timo/devtool-shutil-copytree-13803 timo/dunfell/libxml2-2.9.12 timo/dunfell/python3-3.8.10 timo/dunfell/python3-CVE-2021-23336 timo/install-buildtools_13832_fixes timo/install-buildtools_13832_fixes_v2 timo/install-buildtools_py34 timo/libxml-sax-perl-1.00 timo/libxml-simple-perl-2.25 timo/numpy-pytest-deps timo/oe-recipetool-fixes timo/perl-5.26.2 timo/ptest-perl timo/ptest-perl-2 timo/py3-core-recipe-updates-20201208 timo/pypi-v2 timo/pypi-v3 timo/python3-packaging-20.8 timo/python3-pathlib-13670 timo/python3-scons timo/python3-skip-test-find timo/python37 timo/recipe-upgrades-20210606 timo/recipe-upgrades-20210613 timo/systemd-bootchart timo/wayland-weston-1.5.0 timo/yocto-12582 trini/WIP-fix-build_cc-not-being-single-word ttorling/pypi ttorling/shorter-python-manifest-lines yoe/mut
	OpenEmbedded Core user contribution trees	Grokmirror user

summaryrefslogtreecommitdiffstats

log msg author committer range

path: root/meta/files/common-licenses/XSL

Age	Commit message (Expand)	Author
2014-07-16	docbook-xml: add docbook-xsl-stylesheets 1.78.1	Hongxu Jia

generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-11 11:27:50 +0000

SUMMARY = "Updates the NVD CVE database"
LICENSE = "MIT"

INHIBIT_DEFAULT_DEPS = "1"
PACKAGES = ""

inherit nopackages

deltask do_unpack
deltask do_patch
deltask do_configure
deltask do_compile
deltask do_install
deltask do_populate_sysroot

python () {
    if not d.getVar("CVE_CHECK_DB_FILE"):
        raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
}

python do_populate_cve_db() {
    """
    Update NVD database with json data feed
    """

    import sqlite3, urllib, shutil, gzip, re
    from datetime import date

    BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
    YEAR_START = 2002

    db_dir = d.getVar("DL_DIR") + '/CVE_CHECK'
    db_file = db_dir + '/nvdcve.db'
    json_tmpfile = db_dir + '/nvd.json.gz'
    proxy = d.getVar("https_proxy")
    cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a')

    if not os.path.isdir(db_dir):
        os.mkdir(db_dir)

    # Connect to database
    conn = sqlite3.connect(db_file)
    c = conn.cursor()

    initialize_db(c)

    for year in range(YEAR_START, date.today().year + 1):
        year_url = BASE_URL + str(year)
        meta_url = year_url + ".meta"
        json_url = year_url + ".json.gz"

        # Retrieve meta last modified date
        req = urllib.request.Request(meta_url)
        if proxy:
            req.set_proxy(proxy, 'https')
        try:
            with urllib.request.urlopen(req, timeout=1) as r:
                date_line = str(r.read().splitlines()[0])
                last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
        except:
            cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
            break

        # Compare with current db last modified date
        c.execute("select DATE from META where YEAR = ?", (year,))
        meta = c.fetchone()
        if not meta or meta[0] != last_modified:
            # Update db with current year json file
            req = urllib.request.Request(json_url)
            if proxy:
                req.set_proxy(proxy, 'https')
            try:
                with urllib.request.urlopen(req, timeout=1) as r, \
                     open(json_tmpfile, 'wb') as tmpfile:
                    shutil.copyfileobj(r, tmpfile)
            except:
                cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
                break

            with gzip.open(json_tmpfile, 'rt') as jsonfile:
                update_db(c, jsonfile)
            c.execute("insert or replace into META values (?, ?)",
                    [year, last_modified])

        # Update success, set the date to cve_check file.
        if year == date.today().year:
            cve_f.write('CVE database update : %s\n\n' % date.today())

    cve_f.close()
    conn.commit()
    conn.close()
}

# DJB2 hash algorithm
def hash_djb2(s):
    hash = 5381
    for x in s:
        hash = (( hash << 5) + hash) + ord(x)

    return hash & 0xFFFFFFFF

def initialize_db(c):
    c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)")
    c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \
        SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)")
    c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (HASH INTEGER UNIQUE, ID TEXT, \
        VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \
        VERSION_END TEXT, OPERATOR_END TEXT)")

def insert_elt(c, db_values):
    product_str = db_values[0] + db_values[1] + db_values[2] + db_values[3]
    hashstr = hash_djb2(product_str)
    db_values.insert(0, hashstr)
    query = "insert or replace into PRODUCTS values (?, ?, ?, ?, ?, ?, ?, ?)"
    c.execute(query, db_values)

def parse_node_and_insert(c, node, cveId):
    # Parse children node if needed
    try:
        for child in node['children']:
            parse_node_and_insert(c, child, cveId)
    except:
        pass

    # Exit if the cpe_match node does not exists
    try:
        cpe_match = node['cpe_match']
    except:
        return

    for cpe in cpe_match:
        if not cpe['vulnerable']:
            return
        cpe23 = cpe['cpe23Uri'].split(':')
        vendor = cpe23[3]
        product = cpe23[4]
        version = cpe23[5]

        if version != '*':
            # Version is defined, this is a '=' match
            db_values = [cveId, vendor, product, version, '=', '', '']
            insert_elt(c, db_values)
        else:
            # Parse start version, end version and operators
            op_start = ''
            op_end = ''
            v_start = ''
            v_end = ''

            try:
                if cpe['versionStartIncluding']:
                    op_start = '>='
                    v_start = cpe['versionStartIncluding']
            except:
                pass
            try:
                if cpe['versionStartExcluding']:
                    op_start = '>'
                    v_start = cpe['versionStartExcluding']
            except:
                pass
            try:
                if cpe['versionEndIncluding']:
                    op_end = '<='
                    v_end = cpe['versionEndIncluding']
            except:
                pass
            try:
                if cpe['versionEndExcluding']:
                    op_end = '<'
                    v_end = cpe['versionEndExcluding']
            except:
                pass

            db_values = [cveId, vendor, product, v_start, op_start, v_end, op_end]
            insert_elt(c, db_values)

def update_db(c, json_filename):
    import json
    root = json.load(json_filename)

    for elt in root['CVE_Items']:
        if not elt['impact']:
            continue

        cveId = elt['cve']['CVE_data_meta']['ID']
        cveDesc = elt['cve']['description']['description_data'][0]['value']
        date = elt['lastModifiedDate']
        accessVector = elt['impact']['baseMetricV2']['cvssV2']['accessVector']
        cvssv2 = elt['impact']['baseMetricV2']['cvssV2']['baseScore']

        try:
            cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore']
        except:
            cvssv3 = 0.0

        c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)",
                [cveId, cveDesc, cvssv2, cvssv3, date, accessVector])

        configurations = elt['configurations']['nodes']
        for config in configurations:
            parse_node_and_insert(c, config, cveId)


addtask do_populate_cve_db before do_fetch
do_populate_cve_db[nostamp] = "1"

EXCLUDE_FROM_WORLD = "1"