authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>2024-04-04 15:18:49 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2024-04-04 15:18:49 +0200
commite7e767e6e8e3dd2069309b867d885d39a5e0b79f (patch)
tree71d4695cd1c5061bec5cde651fdee9037de4c9bf
parent7d07939029be8115a38f2c3ea6822b036da02e3e (diff)
bippy: use dyad to generate the json array for the git ids
Baby steps, adding in support for dyad to handle one part (of 3) for the json file generation. This catches ids that previously were ignored, so cve json information is now "more correct" than before. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rwxr-xr-xscripts/bippy61
1 files changed, 47 insertions, 14 deletions
diff --git a/scripts/bippy b/scripts/bippy
index 851b3ed3..7f0d2821 100755
--- a/scripts/bippy
+++ b/scripts/bippy
@@ -795,7 +795,7 @@ if [[ "${default_status}" != "${dyad_default_status}" ]]; then
fi
dyad_vuln_array_json=""
-dyad_vuln_string_json=""
+dyad_url_string_json=""
dyad_git_array_json=""
#
# If this is an "affected" kernel, then we need to find the first mainline
@@ -878,7 +878,7 @@ fi
dbg "first pass:"
dbg " vuln_array_json=${vuln_array_json}"
-dbg " dyad_vuln_array_json=${vuln_array_json}"
+dbg " dyad_vuln_array_json=${dyad_vuln_array_json}"
if [[ "${vuln_array_json}" == "${dyad_vuln_array_json}" ]]; then
dbg "first pass SUCCEED"
else
@@ -900,6 +900,23 @@ for entry in "${dyad_entries[@]}"; do
continue
fi
+ # create the json array for the git ids
+ dyad_git_array_json+="versions[]=$(jo --\
+ -s version="${vuln_git}" \
+ -s lessThan="${fix_git}" \
+ -s status="affected" \
+ -s versionType="git" \
+ ) "
+
+ # Add the git sha of the fix to the "all fix commits" array
+ long_id=$(git_full_id "${fix_git}")
+ dyad_url_string_json+="references[]=$(jo -- -s url="https://git.kernel.org/stable/c/${long_id}") "
+ # If the commit was found and fixed in the same release, let's not
+ # create a version number range as that will just confuse everyone
+ if [[ "${vuln}" == "${fix}" ]]; then
+ continue
+ fi
+
# create the json array for the version numbers
if [[ "${default_status}" == "unaffected" ]]; then
# this is easy, our pairs are the versions that are
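Review bot: `long_id` goes straight into the reference URL without a check that `git_full_id` returned anything, so a failed lookup would append `https://git.kernel.org/stable/c/` with no commit id to `dyad_url_string_json`, and the last hunk (the `cna=$(jo ...)` call) now emits that string into the CVE record. A guard before the `dyad_url_string_json+=` line, such as `[[ -n "${long_id}" ]] || { dbg "no full id for ${fix_git}"; continue; }`, would keep a dangling reference out of the JSON. Whether `continue` or a hard failure is the right reaction depends on how `git_full_id` reports errors, which is not visible here. The same block writes `${vuln_git}` and `${fix_git}` into the git `versions[]` entry unvalidated, so it is worth confirming that the checks earlier in the loop exclude empty ids. The `for` loop starts before and ends after this hunk.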
@@ -1059,24 +1076,40 @@ done
dbg "second pass:"
dbg " vuln_array_json=${vuln_array_json}"
-dbg " dyad_vuln_array_json=${vuln_array_json}"
+dbg " dyad_vuln_array_json=${dyad_vuln_array_json}"
if [[ "${vuln_array_json}" == "${dyad_vuln_array_json}" ]]; then
dbg "second pass SUCCEED"
else
dbg "second pass FAILED"
fi
+dbg "second pass:"
+dbg " git_array_json=${git_array_json}"
+dbg " dyad_git_array_json=${dyad_git_array_json}"
+if [[ "${git_array_json}" == "${dyad_git_array_json}" ]]; then
+ dbg "second pass SUCCEED"
+else
+ dbg "second pass FAILED"
+fi
+dbg "second pass:"
+dbg " url_string_json=${url_string_json}"
+dbg "dyad_url_string_json=${dyad_url_string_json}"
+if [[ "${url_string_json}" == "${dyad_url_string_json}" ]]; then
+ dbg "second pass SUCCEED"
+else
+ dbg "second pass FAILED"
+fi
-dbg "vuln_array_json=${vuln_array_json}"
-dbg "git_array_json=${git_array_json}"
-dbg "vuln_array_mbox="
-for entry in "${vuln_array_mbox[@]}"; do
- dbg " ${entry}"
-done
-for entry in "${url_string_json[@]}"; do
- dbg "url_string_json=${entry}"
-done
+#dbg "vuln_array_json=${vuln_array_json}"
+#dbg "git_array_json=${git_array_json}"
+#dbg "vuln_array_mbox="
+#for entry in "${vuln_array_mbox[@]}"; do
+# dbg " ${entry}"
+#done
+#for entry in "${url_string_json[@]}"; do
+# dbg "url_string_json=${entry}"
+#done
# Strip off all of the signed-off-by stuff out of the commit text.
# We have a long list of "tags" to drop in the file, "tags", so compose
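Review bot: The three comparison blocks all log `second pass:` and `second pass SUCCEED` / `second pass FAILED`, so a debug log cannot show which of the vuln, git or url comparisons diverged. Distinct labels would fix that, for example `dbg "second pass (git ids) FAILED"` and `dbg "second pass (urls) FAILED"`. The result is also reported only through `dbg`, while the last hunk switches the emitted references to `dyad_url_string_json`; if `dbg` is silent in normal runs, a mismatch between the legacy and dyad output would go unnoticed in a published record, so a warning on stderr for the url comparison seems worth adding. The commented-out `dbg` block at the end would be cleaner deleted than kept as comments.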
@@ -1181,13 +1214,13 @@ if [[ "${JSON_FILE}" != "" ]] ; then
affected=$(jo -a -- "${ag}" "${a}")
- # We want url_string_json to be expanded without quotes
+ # We want dyad_url_string_json to be expanded without quotes
# shellcheck disable=SC2086
cna=$(jo -- \
providerMetadata="${providerMetadata}" \
descriptions="${descriptions}" \
affected="${affected}" \
- ${url_string_json} \
+ ${dyad_url_string_json} \
title="${subject}" \
x_generator="${x_generator}" \
)
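Review bot: `${dyad_url_string_json}` is expanded unquoted, so the `jo` argument list is only correct if no element ever contains whitespace or glob characters. The value embeds `${long_id}` from `git_full_id`, and the hunk that builds it does not validate that output. A bash array removes that dependency and the `shellcheck disable=SC2086`: build it with `dyad_url_args+=("references[]=$(jo -- -s url="https://git.kernel.org/stable/c/${long_id}")")` and pass `"${dyad_url_args[@]}"` here (`dyad_url_args` is a placeholder name). The string comparison against `url_string_json` in the second-pass debug block would need adapting to match. The `if [[ "${JSON_FILE}" != "" ]]` block starts and ends outside this hunk.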