The following commit has been merged in the master branch:
commit 96505a73697cc46a5d5aefcbe6f11ddbd8e3b3fe
Author: Niels Thykier <[email protected]>
Date:   Wed Aug 17 15:30:33 2011 +0200

    Skip conffiles check if conffiles is a symlink
    
    No normal package uses a symlink in the control.tar.gz and in
    this case, the "extra" info for the tags can more or less get
    you a dump of an arbitrary file on the host file system.

diff --git a/checks/conffiles b/checks/conffiles
index fe1ace7..eefb780 100644
--- a/checks/conffiles
+++ b/checks/conffiles
@@ -37,6 +37,10 @@ my $cf = $info->control('conffiles');
 
 my %conffiles = ();
 
+# Stop if conffiles is a link; no real package uses links in
+# control.tar.gz.
+return if -l $cf;
+
 if (-f $cf) {
 
     open(IN, '<', $cf) or fail("cannot open $cf for reading: $!");
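Review bot: `return if -l $cf;` leaves the check silently, so a control.tar.gz that ships conffiles as a symlink produces no tag from this check at all. The comment itself says no real package does this, so consider emitting a tag before returning, which reports the anomaly instead of skipping it. The guard is also local to checks/conffiles, while the commit message speaks of symlinks in control.tar.gz in general; any other check that opens a control file by path would need the same test.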
diff --git a/debian/changelog b/debian/changelog
index e4faa6f..d8155bf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -53,6 +53,8 @@ lintian (2.5.3) UNRELEASED; urgency=low
       changelog.
   * checks/{conffile,etcfiles}{,.desc}:
     + [JW] Merged etcfiles into conffile.  (Closes: #637590)
+  * checks/conffile:
+    + [NT] Skip all checks if "conffiles" is a symlink.
   * checks/copyright-file{,.desc}:
     + [JW] Check for CRLF line endings in copyright files.
       (Closes: #634191)
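Review bot: the new entry names `checks/conffile`, but the file changed in this commit is `checks/conffiles`. The entry also omits the reason for skipping: the commit message states that the tags' "extra" info could expose an arbitrary file from the host file system, and that is worth recording here so readers of the changelog can tell this is more than a cosmetic change.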
diff --git a/t/debs/control-files-traversal/Makefile 
b/t/debs/control-files-traversal/Makefile
new file mode 100644
index 0000000..69d4399
--- /dev/null
+++ b/t/debs/control-files-traversal/Makefile
@@ -0,0 +1,9 @@
+name = control-files-traversal
+
+all:
+       ln -s ../md5sums conffiles
+       create-deb -o $(name).deb conffiles control
+
+clean:
+       rm -f *.tar.gz *.deb md5sums debian-binary
+       rm -rf root/
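Review bot: the `clean` target does not remove the `conffiles` symlink that `all` creates, and `ln -s` is called without `-f`, so a second `make all` in the same directory fails on the existing link. Add `conffiles` to the `rm -f` list in `clean`, or use `ln -sf ../md5sums conffiles`.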
diff --git a/t/debs/control-files-traversal/desc 
b/t/debs/control-files-traversal/desc
new file mode 100644
index 0000000..60dc3e1
--- /dev/null
+++ b/t/debs/control-files-traversal/desc
@@ -0,0 +1,5 @@
+Testname: control-files-traversal
+Sequence: 6000
+Version: 1.0
+Description: Test for bad owner of control files
+Options: -C conffiles,md5sums -IE
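Review bot: `Description: Test for bad owner of control files` does not describe this test, which builds a package whose conffiles is a symlink; wording such as "Test for symlinked control files" would match. `Options: -C conffiles,md5sums` also runs the md5sums check, while this commit adds the symlink guard only to checks/conffiles, so it is worth confirming that the md5sums check handles a symlinked control file safely as well.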
diff --git a/t/debs/deb-format-record-size/tags 
b/t/debs/control-files-traversal/tags
similarity index 100%
copy from t/debs/deb-format-record-size/tags
copy to t/debs/control-files-traversal/tags
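Review bot: the expected tags are a 100% copy of t/debs/deb-format-record-size/tags, so the diff does not show what this test asserts. A tags file written for this test, or a line in desc stating the expected output, would make it clear that the regression being guarded is file content appearing in tag output.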

-- 
Debian package checker

