diff options
| author | Lee Jones <lee@kernel.org> | 2024-05-01 18:22:12 +0100 |
|---|---|---|
| committer | Lee Jones <lee@kernel.org> | 2024-05-01 18:22:12 +0100 |
| commit | 1913056b65a10bb1869ed2e15aca9a30791beb21 (patch) | |
| tree | 77b47878abe97416fb96516157e96f4ff252d29e | |
| parent | ddd04d3486e3f9a8cb7ebc073688db137d6f5f7c (diff) | |
| download | vulns-wip-lee.tar.gz | |
WIPwip-lee
Signed-off-by: Lee Jones <lee@kernel.org>
| -rwxr-xr-x | scripts/cve_review | 38 |
1 files changed, 33 insertions, 5 deletions
diff --git a/scripts/cve_review b/scripts/cve_review index 805e73a5..ca222bd1 100755 --- a/scripts/cve_review +++ b/scripts/cve_review @@ -66,6 +66,9 @@ while [ $# -gt 0 ]; do --annotate|-a) ANNOTATE=true ;; + --skip-reviewed|-s) + SKIPREVIEWED=true + ;; *) if [ -s "${1}" ]; then FILE=${1}; @@ -143,7 +146,6 @@ RESULTSDIR=${WORKDIR}/results PROCESSEDFILE=${PROCESSEDDIR}/${TAG} CVEMEFILE=${TAG}-${NAME} CVEME=${RESULTSDIR}/${CVEMEFILE} -CLIPCOMMITTO=$(($(tput lines) - 10)) UPDATEFINALDIR="" mkdir -p ${PROCESSEDDIR} ${RESULTSDIR} @@ -152,10 +154,12 @@ print_blue "Reviewing ${NOSHAS} commits" count=0 for h in ${SHAS[@]}; do + clipcommitto=$(($(tput lines) - 10)) oneline=$(git --no-pager log ${h} -n1 --format="%h %s") subject=$(echo ${oneline} | cut -d' ' -f 2-) count=$((count + 1)) percentage=$(echo "scale=4; (${count}/${NOSHAS})*100" | bc | awk '{printf "%.2f\n", $0}') + alreadyreviewed="" if grep -q -s -F "${oneline}" ${PROCESSEDFILE}; then print_blue "Skipping already processed commit: ${oneline}" @@ -170,7 +174,7 @@ for h in ${SHAS[@]}; do print_blue "Processing ${TAG} fix: ${count} of ${NOSHAS} (%${percentage})" - print_blue "\nSummary:\n" + print_blue "\nSummary:" MATCHES="\ call[-\s_]*trace|\ @@ -215,13 +219,37 @@ WARN:\ cat ${commitmsgfile} > ${commitfile} fi + if grep -q "${subject}" ${PROCESSEDDIR}/*; then + filename=$(basename $(grep -lr "${subject}" ${PROCESSEDDIR})) + sha=$(grep -rh "${subject}" ${PROCESSEDDIR} | cut -d' ' -f1) + + print_red "\nPotentially already reviewed in\n " + + echo -n " ${filename}: " + echo "$(grep -h "${subject}" ${PROCESSEDDIR}/*)" + + clipcommitto=$((clipcommitto-3)) + + newpatchid=$(git show ${h} | git patch-id | cut -d' ' -f1) + oldpatchid=$(git show ${sha} | git patch-id | cut -d' ' -f1) + + if [[ "${SKIPREVIEWED}" == "true" && "${newpatchid}" == "${oldpatchid}" ]]; then + print_blue "\nConfirmed as already reviewed - SKIPPING\n" + sleep 1 + echo "${oneline}" >> ${PROCESSEDFILE} + continue + fi + + fi + echo + git --no-pager log -p --format="" --color=always -n1 ${h} >> ${commitfile} commitlen=$(cat ${commitfile} | wc -l) if [ "${NAME}" == "greg" ]; then bat ${commitfile} - elif [ ${commitlen} -gt ${CLIPCOMMITTO} ]; then - head -n ${CLIPCOMMITTO} ${commitfile} + elif [ ${commitlen} -gt ${clipcommitto} ]; then + head -n ${clipcommitto} ${commitfile} print_blue "\nCommit has been clipped, press M to see the remainder" else cat ${commitfile} @@ -238,7 +266,7 @@ WARN:\ if [[ "${CHOICE}" == "m" || "${CHOICE}" == "M" ]]; then echo - tail -n $((commitlen - ${CLIPCOMMITTO})) ${commitfile} + tail -n $((commitlen - ${clipcommitto})) ${commitfile} if [ "${ANNOTATE}" != "true" ]; then print_blue "\nShould this commit be assigned a CVE <y/N/q>?" |