Your message dated Tue, 6 Jul 2010 19:20:25 -0400
with message-id <[email protected]>
and subject line Re: Bug#530906: [checkbashisms] Detect shell wrappers using env
has caused the Debian Bug report #530906,
regarding [checkbashisms] Detect shellscript wrappers using env
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
530906: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530906
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: devscripts
Version: 2.10.49
User: [email protected]
Usertags: checkbashisms

Hi,

These are some of my findings based on the recent checkbashisms run:
(NOTE: a combined diff is attached)

-----------------
FP:
> possible bashism in
> ./usr/share/pyshared/support-files/setuptools-0.6c9-py2.4.egg line 202

Fix (allow exec to be preceded by 'then'):
@@ -408,7 +409,7 @@ sub script_is_evil_and_wrong {
         last if (++$i > 55);
         if (m~
            # the exec should either be "eval"ed or a new statement
-           (^\s*|\beval\s*[\'\"]|(;|&&)\s*)
+           (^\s*|\beval\s*[\'\"]|(;|&&|\bthen)\s*)

            # eat anything between the exec and $0
            exec\s*.+\s*
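
Review bot: In the `+` line, `\bthen` shares the trailing `\s*` with `;` and `&&`, so the prefix also matches with no whitespace between the keyword and `exec` (`thenexec ...`); the `\b` only guards the left side of `then`. An operator needs no separator but a keyword does, so give the keyword its own alternative with `\s+` after it instead of reusing the shared `\s*`.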

-----------------
FP:
> possible bashism in ./usr/share/shorewall6-lite/lib.base line 684 (sourced
> script with arguments):
>     . $(find_file $(expand $@))

Workaround (this needs to be fixed by stripping evals, $(), ``, and any other 
form of code execution and looking for bashisms in those parts individually):
Apply the same dummy logic used for "" and '' to $()

@@ -281,8 +282,8 @@ foreach my $filename (@ARGV) {
            # detect source (.) trying to pass args to the command it runs
            # The first expression weeds out '. "foo bar"'
            if (not $found and
-               not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\')\s*(\&|\||\d?>|<|;|\Z)/
-               and m/^\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
+               not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\'|\$\([^)]+\)+)\s*(\&|\||
\d?>|<|;|\Z)/
+               and m/\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
                if ($2 =~ /^(\&|\||\d?>|<)/) {
                    # everything is ok
                    ;
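
Review bot: The second pattern in the `+` lines drops the `^` anchor (`m/\s*(\.\s+...` where the old line had `m/^\s*(\.\s+...`), and the description above the hunk does not mention it. Without the anchor the leading `\s*` constrains nothing, so `\.\s+` can match any period followed by a space anywhere in the line, for example in `echo "done. now exiting"`, and the check gains new false positives. If only the `$()` exemption is intended, keep `^\s*` on the second pattern. The first `+` line is also wrapped across two lines here and will not apply as mailed.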

-----------------
FN:

> if something; then . foo bar; else bar; fi

Fix (+ move LEADIN to the global scope):
@@ -281,8 +282,8 @@ foreach my $filename (@ARGV) {
            # detect source (.) trying to pass args to the command it runs
            # The first expression weeds out '. "foo bar"'
            if (not $found and
-               not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\')\s*(\&|\||\d?>|<|;|\Z)/
-               and m/^\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
+               not m/$LEADIN\.\s+(\"[^\"]+\"|\'[^\']+\'|\$\([^)]+\)+)\s*(\&|
\||\d?>|<|;|\Z)/
+               and m/$LEADIN(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
                if ($2 =~ /^(\&|\||\d?>|<)/) {
                    # everything is ok
                    ;
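
Review bot: With `$LEADIN` in place of `^\s*`, the negated first pattern is no longer tied to the start of the line, so one quoted or `$()` source anywhere on the line exempts the whole line. For `. b c; . "a"` the old anchored pattern did not match and the line was reported; the new one matches at `; . "a"` and the `. b c` that passes arguments is missed. Consider applying the exemption at the position where the second pattern matched rather than to the line as a whole.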

-----------------

Still to be fixed:
> . $(foo $(bar) moo)

-----------------

FP (new kind of wrapper):

usr/share/doc/systemtap-doc/examples/process/errsnoop.stp: 
> #!/bin/sh
> //usr/bin/env stap -DMAXMAPENTRIES=20480 $0 $@; exit $?
> # errsnoop.stp
> ...

-----------------

FP (ref: #530084):
> if false; then foo; else exec something; fi

@@ -408,7 +409,7 @@ sub script_is_evil_and_wrong {
         last if (++$i > 55);
         if (m~
            # the exec should either be "eval"ed or a new statement
-           (^\s*|\beval\s*[\'\"]|(;|&&)\s*)
+           (^\s*|\beval\s*[\'\"]|(;|&&|\b(then|else))\s*)

            # eat anything between the exec and $0
            exec\s*.+\s*
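
Review bot: `(then|else)` in the `+` line is a new capturing group nested inside the two existing ones, which shifts the number of every group that follows it in this `m~...~` expression. Nothing in the visible lines uses the capture, so `(?:then|else)` would keep the numbering as it was before the patch.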

-----------------

FN:

> #!/bin/sh
> cat <<FOO
> hello
> $(echo -e "world\c")
>
> Running on $OSTYPE
> FOO

Only here docs with quoted markers should be ignored.

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
diff --git a/checkbashisms.orig b/checkbashisms
index 40cffc9..d97e6b5 100755
--- a/checkbashisms.orig
+++ b/checkbashisms
@@ -74,6 +74,7 @@ my $status = 0;
 my $makefile = 0;
 my (%bashisms, %string_bashisms, %singlequote_bashisms);
 
+our $LEADIN = qr'(?:(?:^|[`&;(|{])\s*|(?:if|then|do|while|shell)\s+)';
 init_hashes;
 
 foreach my $filename (@ARGV) {
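Review bot: `$LEADIN` is declared with `our`, but every use visible in this patch is inside this file, so a file-scoped `my` would do and avoids adding a package global. Now that code outside `init_hashes` depends on it, a one-line comment saying what it matches (start of line, a separator such as `;` or `|`, or one of the listed keywords) would help.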
@@ -281,8 +282,8 @@ foreach my $filename (@ARGV) {
 	    # detect source (.) trying to pass args to the command it runs
 	    # The first expression weeds out '. "foo bar"'
 	    if (not $found and
-		not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\')\s*(\&|\||\d?>|<|;|\Z)/
-		and m/^\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
+		not m/$LEADIN\.\s+(\"[^\"]+\"|\'[^\']+\'|\$\([^)]+\)+)\s*(\&|\||\d?>|<|;|\Z)/
+		and m/$LEADIN(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
 		if ($2 =~ /^(\&|\||\d?>|<)/) {
 		    # everything is ok
 		    ;
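Review bot: The keyword list in `$LEADIN` is `if|then|do|while|shell`, so the second `+` pattern finds a source with arguments after `then` but not after `else`: `if a; then b; else . foo bar; fi` is still a false negative. Add `else` (and any other keyword that can precede a command) to `$LEADIN`, or note the gap next to the check.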
@@ -408,7 +409,7 @@ sub script_is_evil_and_wrong {
         last if (++$i > 55);
         if (m~
 	    # the exec should either be "eval"ed or a new statement
-	    (^\s*|\beval\s*[\'\"]|(;|&&)\s*)
+	    (^\s*|\beval\s*[\'\"]|(;|&&|\b(then|else))\s*)
 
 	    # eat anything between the exec and $0
 	    exec\s*.+\s*
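Review bot: The separator list in the `+` line now reads `;|&&|\b(then|else)` and still has no `||`, so a wrapper written as `test -x foo || exec foo "$0"` is not treated as starting a new statement. Since this alternation is being extended one keyword at a time, consider covering `||` and `do` in the same change.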
@@ -458,7 +459,6 @@ sub script_is_evil_and_wrong {
 }
 
 sub init_hashes {
-    my $LEADIN = qr'(?:(^|[`&;(|{])\s*|(if|then|do|while|shell)\s+)';
 
     %bashisms = (
 	qr'(?:^|\s+)function \w+(\s|\(|\Z)' => q<'function' is useless>,
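Review bot: The removed definition had two capturing groups, `(^|[`&;(|{])` and `(if|then|do|while|shell)`, while the new global one is non-capturing throughout, so every pattern in `%bashisms` that interpolates `$LEADIN` loses two group numbers. The source check needs that for its `$2`, but please confirm that no existing pattern or handler relied on the old numbering and mention the change in the changelog. The hunk also leaves an empty first line in `init_hashes`.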

--- End Message ---
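
The here-document rule stated at the end of the report above ("Only here docs with quoted markers should be ignored"), as an added example that is not part of the report or of checkbashisms. The function name `heredoc_scannable` and the sample script are constructed for illustration; the sketch assumes one here-document per line and plain word markers.

```sh
#!/bin/sh
# Added example, not checkbashisms code. heredoc_scannable (hypothetical name)
# reads a script on stdin and prints the line numbers of here-document body
# lines that the shell expands, i.e. lines a bashism checker must not skip.
# Limits: one here-doc per line; "<<" in comments or $(( )) is not told apart.
heredoc_scannable() {
    tab=$(printf '\t'); marker=''; quoted=0; strip=0; n=0; out=''
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        if [ -n "$marker" ]; then
            body=$line
            # "<<-" strips leading tabs from body lines and the terminator
            if [ "$strip" -eq 1 ]; then body=${body#"${body%%[!$tab]*}"}; fi
            if [ "$body" = "$marker" ]; then
                marker=''
            elif [ "$quoted" -eq 0 ]; then
                out="$out${out:+ }$n"
            fi
            continue
        fi
        case $line in *'<<'*) ;; *) continue ;; esac
        rest=${line#*<<}
        case $rest in -*) strip=1; rest=${rest#-} ;; *) strip=0 ;; esac
        rest=${rest#"${rest%%[! $tab]*}"}        # drop blanks before the marker
        # A marker written as 'X', "X" or \X makes the body literal text
        case $rest in \"*|\'*|\\*) quoted=1; rest=${rest#?} ;; *) quoted=0 ;; esac
        marker=${rest%%[!A-Za-z0-9_]*}
    done
    echo "$out"
}

# Constructed sample: the false negative from the report plus a quoted marker.
sample_script() {
    cat <<'SAMPLE'
#!/bin/sh
cat <<FOO
hello
$(echo -e "world\c")

Running on $OSTYPE
FOO
cat <<'BAR'
$(echo -e "literal")
BAR
SAMPLE
}

sample_script | heredoc_scannable    # prints: 3 4 5 6
```

Lines 3 to 6 sit under the unquoted `FOO` marker and are expanded by the shell, so `echo -e` and `$OSTYPE` there are live code; line 9 under `'BAR'` is literal text and can be skipped.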
--- Begin Message ---
On Tue, Jul 06, 2010 at 06:43:38PM -0400, James Vega wrote:
> On Wed, May 27, 2009 at 07:11:24PM -0500, Raphael Geissert wrote:
> > FP (new kind of wrapper):
> > 
> > usr/share/doc/systemtap-doc/examples/process/errsnoop.stp: 
> > > #!/bin/sh
> > > //usr/bin/env stap -DMAXMAPENTRIES=20480 $0 $@; exit $?
> > > # errsnoop.stp
> > > ...
> 
> checkbashisms doesn't complain about this, using either the current
> version or the version this bug was reported against (2.10.49).  I'd be
> glad to close this, but I'm wondering if you recall what the problem
> was.

In fact, no released version of checkbashisms has issued a warning on a
script like the one shown.  Closing.

-- 
James
GPG Key: 1024D/61326D40 2003-09-02 James Vega <[email protected]>



--- End Message ---
