Author: rra
Date: 2006-04-01 08:46:55 +0200 (Sat, 01 Apr 2006)
New Revision: 598

Modified:
   trunk/checks/manpages
   trunk/checks/po-debconf
   trunk/collection/objdump-info
   trunk/debian/changelog
   trunk/lib/Util.pm
Log:
* checks/manpages:
  + [RA] Use system_env instead of system and sanitize the environment
    before running man -l out of caution and to avoid extraneous output
    when CDPATH is set.  Reported by Marc Haber.  (Closes: #360217)
* checks/po-debconf:
  + [RA] Use system_env instead of system out of caution and to avoid
    extraneous output when CDPATH is set.
* collection/objdump-info:
  + [RA] Unset CDPATH before running cd to avoid strange effects from
    the user's environment.
* lib/Util.pm:
  + [RA] Add system_env, like system but sanitizing the environment.

Modified: trunk/checks/manpages
===================================================================
--- trunk/checks/manpages       2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/checks/manpages       2006-04-01 06:46:55 UTC (rev 598)
@@ -235,7 +235,7 @@
        # negatives. When man-db is fixed, this limitation should be
        # removed.
        if ($path =~ m,/man/man\d/,) {
-           if (system("lexgrog unpacked/\Q$file\E >/dev/null 2>&1")) {
+           if (system_env("lexgrog unpacked/\Q$file\E >/dev/null 2>&1")) {
                tag "manpage-has-bad-whatis-entry", "$file";
            }
        }
@@ -244,14 +244,22 @@
        # parent directory before running man so that .so directives are
        # processed properly.  (Yes, there are man pages that include other
        # pages with .so but aren't simple links; rbash, for instance.)
-        my $cmd;
-        if ($file =~ m,^(.*)/(man\d/.*)$,) {
-            $cmd = "cd unpacked/\Q$1\E && LANG=C man -l \Q$2\E";
-        } else {
-            $cmd = "LANG=C man -l unpacked/\Q$file\E";
-        }
-       open MANERRS, '-|', "($cmd >/dev/null) 2>&1"
-           or fail("cannot run man -l: $!");
+       my $cmd;
+       if ($file =~ m,^(.*)/(man\d/.*)$,) {
+           $cmd = "cd unpacked/\Q$1\E && man -l \Q$2\E";
+       } else {
+           $cmd = "man -l unpacked/\Q$file\E";
+       }
+       my $pid = open MANERRS, '-|';
+       if (not defined $pid) {
+           fail("cannot run man -l: $!");
+       } elsif ($pid == 0) {
+           my %newenv = (LANG => 'C', PATH => $ENV{PATH});
+           undef %ENV;
+           %ENV = %newenv;
+           exec "($cmd >/dev/null) 2>&1"
+               or fail("cannot run man -l: $!");
+       }
        while (<MANERRS>) {
            # ignore progress information from man
            next if /^Reformatting/;
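Review bot: The child branch rebuilds the environment by hand with its own allow-list (`LANG`, `PATH`) instead of sharing the one in `system_env`, so the two lists can drift, and `PATH => $ENV{PATH}` stores an undefined value when PATH is unset. A guarded form such as `my %newenv = (LANG => 'C'); $newenv{PATH} = $ENV{PATH} if exists $ENV{PATH};` avoids that, and a comment like `# Keep this allow-list in sync with Util::system_env.` would record the intent. The failure path `exec ... or fail(...)` runs in the forked child, whose stdout is the MANERRS pipe. Since `fail` is defined outside this hunk, it is worth confirming that it exits rather than returning into the `while (<MANERRS>)` loop. The enclosing block starts and ends outside the hunk.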

Modified: trunk/checks/po-debconf
===================================================================
--- trunk/checks/po-debconf     2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/checks/po-debconf     2006-04-01 06:46:55 UTC (rev 598)
@@ -76,8 +76,8 @@
 if (-x "/usr/bin/msgcmp" && -x "/usr/share/intltool-debian/intltool-update" ) {
        if ($missing_files == 0) {
                $ENV{"INTLTOOL_EXTRACT"} ||= 
"/usr/share/intltool-debian/intltool-extract";
-               system("cd debfiles/po && 
/usr/share/intltool-debian/intltool-update --gettext-package=test --pot");
-               system("/usr/bin/msgcmp debfiles/po/test.pot 
debfiles/po/templates.pot >/dev/null 2>&1") == 0
+               system_env("cd debfiles/po && 
/usr/share/intltool-debian/intltool-update --gettext-package=test --pot");
+               system_env("/usr/bin/msgcmp debfiles/po/test.pot 
debfiles/po/templates.pot >/dev/null 2>&1") == 0
                        or tag "newer-debconf-templates";
        }
 } else {
@@ -106,7 +106,7 @@
         }
         tag "unknown-encoding-in-po-file", "debian/po/$file"
                 unless length($charset);
-       system("msgfmt -o /dev/null debfiles/po/$file 2>/dev/null") == 0
+       system_env("msgfmt -o /dev/null debfiles/po/$file 2>/dev/null") == 0
                or tag "invalid-po-file", "debian/po/$file";
 }
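Review bot: `$file` is interpolated unquoted into the shell string passed to `system_env` on the msgfmt line, and a single-string argument is still run through /bin/sh, so the environment scrub does nothing about shell metacharacters in a PO file name. checks/manpages already quotes its file names, and the same here would be `system_env("msgfmt -o /dev/null debfiles/po/\Q$file\E 2>/dev/null") == 0`. Where `$file` comes from is outside this hunk, so this matters most if the names are read from the package under inspection without prior validation.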
 

Modified: trunk/collection/objdump-info
===================================================================
--- trunk/collection/objdump-info       2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/collection/objdump-info       2006-04-01 06:46:55 UTC (rev 598)
@@ -30,6 +30,7 @@
     exit 2
 fi
 
+CDPATH=
 cd unpacked
 
 rm -f ../objdump-info

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog      2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/debian/changelog      2006-04-01 06:46:55 UTC (rev 598)
@@ -14,14 +14,28 @@
       are now too many combinations to list completely.
     + [RA] Catch build dependencies on X metapackages, based on a patch by
       Josh Triplett.  (Partially addresses #347169)
+  * checks/manpages:
+    + [RA] Use system_env instead of system and sanitize the environment
+      before running man -l out of caution and to avoid extraneous output
+      when CDPATH is set.  Reported by Marc Haber.  (Closes: #360217)
+  * checks/po-debconf:
+    + [RA] Use system_env instead of system out of caution and to avoid
+      extraneous output when CDPATH is set.
   * checks/scripts.desc:
     + [RA] Change the check for broken error handling with invoke-rc.d to
       maintainer-script-hides-init-failure to be more generic and explain
       what the test looks at.  Add the script name and line number and fix
       a typo.  Thanks, Marc Haber.  (Closes: #360214, #360216)
 
- -- Russ Allbery <[EMAIL PROTECTED]>  Fri, 31 Mar 2006 22:00:45 -0800
+  * collection/objdump-info:
+    + [RA] Unset CDPATH before running cd to avoid strange effects from
+      the user's environment.
 
+  * lib/Util.pm:
+    + [RA] Add system_env, like system but sanitizing the environment.
+
+ -- Russ Allbery <[EMAIL PROTECTED]>  Fri, 31 Mar 2006 22:40:32 -0800
+
 lintian (1.23.16) unstable; urgency=low
 
   The "What's this Russ guy up to?" release

Modified: trunk/lib/Util.pm
===================================================================
--- trunk/lib/Util.pm   2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/lib/Util.pm   2006-04-01 06:46:55 UTC (rev 598)
@@ -31,7 +31,8 @@
        slurp_entire_file
        get_file_md5
        file_is_encoded_in_non_utf8
-       fail);
+       fail
+       system_env);
 
 use FileHandle;
 use Pipeline;
@@ -207,6 +208,23 @@
        return 0;
 }
 
+# Just like system, except cleanses the environment first to avoid any strange
+# side effects due to the user's environment.
+sub system_env {
+    my @whitelist = qw(PATH INTLTOOL_EXTRACT);
+    my %newenv = map { exists $ENV{$_} ? ($_ => $ENV{$_}) : () } @whitelist;
+    my $pid = fork;
+    if (not defined $pid) {
+       return -1;
+    } elsif ($pid == 0) {
+       %ENV = %newenv;
+       exec @_ or die("exec of $_[0] failed: $!\n");
+    } else {
+       waitpid $pid, 0;
+       return $?;
+    }
+}
+
 # ------------------------
 
 sub fail {
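Review bot: In the child branch of `system_env`, a failed exec ends in `die`, which unwinds into any `eval` the caller has active, so the forked child can carry on executing the parent's code with a stripped environment instead of terminating. Ending the child unconditionally is safer: `exec @_ or do { warn "exec of $_[0] failed: $!\n"; exit 127 };`. The header comment should also state the contract callers depend on, for example `# Only PATH and INTLTOOL_EXTRACT are passed through; a single-string command is still run via /bin/sh, so callers must quote arguments.` The return value of `waitpid` is not checked before `$?` is returned, which is worth a brief comment if that is intentional.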

