Package: debhelper
Version: 12.8
Severity: wishlist

Heya,

some debhelper programs call the file program, and I noticed the
invocation does not guard against file names that file(1) could
misinterpret as a command line option. In other words, file names
starting with a dash will create undesired results.

You might argue Debian should not ship such strange file names, and I
concur. But this already happens a few times, openfoam-examples for
example. It seems these files are just not tested by any of the
debhelper programs. Perhaps just not yet.

So as a safeguard I suggest placing "--" as usual between the options
and the argument. Before ugly things happen.

This affects at least /usr/bin/dh_shlibdeps and /usr/bin/dh_strip.

Cheers,

    Christoph

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.13 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages debhelper depends on:
ii  autotools-dev            20180224.1
ii  dh-autoreconf            19
ii  dh-strip-nondeterminism  1.6.3-2
ii  dpkg                     1.19.7
ii  dpkg-dev                 1.19.7
ii  dwz                      0.13-5
ii  file                     1:5.38-4
ii  libdebhelper-perl        12.8
ii  libdpkg-perl             1.19.7
ii  man-db                   2.9.0-2
ii  perl                     5.30.0-9
ii  po-debconf               1.0.21

debhelper recommends no packages.

Versions of packages debhelper suggests:
ii  dh-make  2.201903

-- no debconf information
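
The guard suggested in the report, shown as an added shell example (not debhelper's own code): it lists dash-leading names in a tree and compares a bare file(1) call with one that passes "--". The function names and the constructed file name `--version` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; the file name used in demo() is constructed, not taken
# from any Debian package.

# List names in a build tree that start with "-" and would be read as
# options by any tool that receives them as a bare argument.
list_dash_names() {
    ( cd -- "$1" && find . -name '-*' -print | sort )
}

# Unguarded call: file(1) parses a leading-dash name as an option.
file_type_unguarded() {
    ( cd -- "$1" && file -b "$2" 2>&1 )
}

# Guarded call: "--" ends option parsing, so the name is always an operand.
file_type_guarded() {
    ( cd -- "$1" && file -b -- "$2" 2>&1 )
}

# Hypothetical demo helper: builds a scratch tree and prints both results.
demo() {
    tmp=$(mktemp -d) || return 1
    printf 'hello\n' > "$tmp/--version"
    echo "dash-leading names:"
    list_dash_names "$tmp"
    if command -v file >/dev/null 2>&1; then
        echo "unguarded: $(file_type_unguarded "$tmp" --version | head -n 1)"
        echo "guarded:   $(file_type_guarded "$tmp" --version)"
    fi
    rm -rf -- "$tmp"
}

demo
```

In the unguarded call file(1) reports its own version instead of the file's type, so a caller that parses the output would act on the wrong text.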
