This is an automated email from the git hooks/post-receive script. broucaries-guest pushed a commit to branch master in repository lintian.
commit 2e93699715cd7c71efacdbf30c3cf0ea0c5a0b26 Author: Bastien ROUCARIÈS <[email protected]> Date: Sat Dec 7 13:36:11 2013 +0100 Use Lintian::Data for detection of bad maintainer script command Use a new file Lintian::Data for detecting bad regexp in maintainer script --- checks/scripts.pm | 25 ++++++++++++++----------- data/scripts/maintainer-script-bad-command | 11 +++++++++++ debian/changelog | 2 ++ t/tests/scripts-maintainer-general/tags | 2 +- 4 files changed, 28 insertions(+), 12 deletions(-) diff --git a/checks/scripts.pm b/checks/scripts.pm index 56ffad1..dd99233 100644 --- a/checks/scripts.pm +++ b/checks/scripts.pm @@ -81,6 +81,11 @@ my $VERSIONED_INTERPRETERS = Lintian::Data->new('scripts/versioned-interpreters', qr/\s*=\>\s*/o,\&_parse_versioned_interpreters); +#forbidden command in maintenair scripts +my $BAD_MAINT_CMD = Lintian::Data->new('scripts/maintainer-script-bad-command', + qr/\s*\~\~/, + sub { return qr/$_[1]/ism }); + # Any of the following packages can satisfy an update-inetd dependency. my $update_inetd = join( ' | ', qw(update-inetd inet-superserver openbsd-inetd @@ -795,9 +800,11 @@ sub run { ) { tag 'deprecated-chown-usage', "$file:$. \'$1\'"; } + if (/invoke-rc.d.*\|\| exit 0/) { tag 'maintainer-script-hides-init-failure', "$file:$."; } + if (m,/usr/share/debconf/confmodule,) { $saw_debconf = 1; } @@ -888,9 +895,6 @@ sub run { } } } - if (m,\bsuidregister\b,) { - tag 'suidregister-used-in-maintainer-script', $file; - } if ($file eq 'postrm') { if (m,update\-alternatives \-\-remove,) { tag 'update-alternatives-remove-called-in-postrm'; @@ -920,20 +924,19 @@ sub run { } } } - if (m,update\-alternatives \-\-(?:set|set\-selections|config),) { - tag 'update-alternatives-set-called-in-maintainer-script', "$file:$."; - } - if (m,\bgconftool(?:-2)?(?:\s|\Z),) { - tag 'gconftool-used-in-maintainer-script', "$file:$."; + # try generic bad maintainer script command tagging + foreach my $bad_cmd_tag ($BAD_MAINT_CMD->all) { + my $regex = $BAD_MAINT_CMD->value($bad_cmd_tag); + if (m{$regex}) { + tag $bad_cmd_tag, "$file:$."; + } } + if (m,\binstall-sgmlcatalog\b, && !(m,--remove, && ($file eq 'prerm' || $file eq 'postinst'))) { tag 'install-sgmlcatalog-deprecated', "$file:$."; } - if (m,\binstall-info\b,) { - tag 'install-info-used-in-maintainer-script', "$file:$."; - } if ( m,/var/lib/dpkg/status\b, && $pkg ne 'base-files' && $pkg ne 'dpkg') { diff --git a/data/scripts/maintainer-script-bad-command b/data/scripts/maintainer-script-bad-command new file mode 100644 index 0000000..70cb903 --- /dev/null +++ b/data/scripts/maintainer-script-bad-command @@ -0,0 +1,11 @@ +# complain (tag) when we encounters some commands on maintainer script +# format is: +# tag~~regexp +# +# Please alpha sort +gconftool-used-in-maintainer-script ~~\bgconftool(?:-2)?(?:\s|\Z) +install-info-used-in-maintainer-script ~~\binstall-info\b +update-alternatives-set-called-in-maintainer-script ~~\bupdate\-alternatives\s+\-\-(?:set|set\-selections|config)\b +suidregister-used-in-maintainer-script ~~\bsuidregister\b + + diff --git a/debian/changelog b/debian/changelog index 2e1fa7e..3ab39ab 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,8 @@ lintian (2.5.20) UNRELEASED; urgency=low * checks/scripts.{desc,pm}: + [BR] Detect update-alternatives --set in maintainer scripts. (Closes: #643602). + + [BR] Use Lintian::Data for bad shell construction in maintainer + scripts. * checks/watch.{desc,pm}: + [BR] Detect lack of uscan support for gpg signature. (Closes: #711553). diff --git a/t/tests/scripts-maintainer-general/tags b/t/tests/scripts-maintainer-general/tags index 006f093..a83b2c0 100644 --- a/t/tests/scripts-maintainer-general/tags +++ b/t/tests/scripts-maintainer-general/tags @@ -10,7 +10,7 @@ E: scripts-maintainer-general: maintainer-script-uses-dpkg-status-directly posti E: scripts-maintainer-general: maintainer-shell-script-fails-syntax-check prerm E: scripts-maintainer-general: mknod-in-maintainer-script postinst:125 E: scripts-maintainer-general: read-in-maintainer-script postinst:10 -E: scripts-maintainer-general: suidregister-used-in-maintainer-script postinst +E: scripts-maintainer-general: suidregister-used-in-maintainer-script postinst:101 W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:117 /usr/bin/foo W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:118 /usr/bin/foo W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:91 /usr/bin/baz -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
