I have improved the test case now. I wasn't aware you can copy it back
from the rejected queue (or forgot), and I irregularly delete past
uploads, so that could have meant recreating it.

Most of the time, if a test plan is lacking a bit, the SRU gets accepted
with a note to add some missing bits to the test plan.


** Description changed:

  [Impact]
  The packaging does not respect compiler flags, notably hardening flags like 
the stack protector, as well as frame pointer, as it never uses dpkg-buildflags 
and is still old manual style.
  
  This means there is a higher security risk, which given the nature of
  the library seems ill-advised, and the lack of frame pointers hampers
  profiling.
  
  [Test plan]
  Look at the build log and see that the build flags have been passed, notably 
stuff like
  
- -fno-strict-overflow -Wsign-compare -DNDEBUG -g -O2 -Wall -g -O2 
-Werror=implicit-function-declaration -fno-omit-frame-pointer 
-mno-omit-leaf-frame-pointer -ffile-prefix-map=/<<PKGBUILDDIR>>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat -Werror=for
- mat-security -fcf-protection
+ -fno-strict-overflow
+ -Werror=implicit-function-declaration
+ -fno-omit-frame-pointer
+ -mno-omit-leaf-frame-pointer
+ -fstack-protector-strong
+ -fstack-clash-protection 
+ -Wformat 
+ -Werror=for
  
- Parse some xml and see that it works
+ Run https://gist.github.com/julian-
+ klode/85e55553f85c410a1b856a93dce77208 on the ELF binaries and ensure
+ that all lines have -fno-omit-frame-pointer
+ 
+ 
+ Run a smoke test to see the parser still works:
+ 
+ from lxml import etree
+ from urllib.request import urlopen
+ 
+ with urlopen("https://www.w3.org/TR/REC-xml/REC-xml-20081126.xml";) as xml:
+     xml=xml.read()
+ tree=etree.fromstring(xml, 
base_url="https://www.w3.org/TR/REC-xml/REC-xml-20081126.xml";)
+ 
+ for element in tree.iter():
+     print(element)
+ 
+ print(etree.tostring(tree))
+ 
  
  [Where problems could occur]
  Hardening flags could surface existing (possibly security) bugs that have 
been asymptomatic so far; frame pointers will incur some slow down.
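
Review bot: The new flag list in [Test plan] ends at `-Werror=for`, which is the first half of `-Werror=format-security` from the removed line-wrapped block, and `-fcf-protection` is no longer listed at all. Suggest ending the list with `-Werror=format-security` and `-fcf-protection` so that whoever verifies the SRU has complete strings to search for in the build log. Also in [Test plan], only `-fno-omit-frame-pointer` is checked against the built ELF binaries, while the hardening flags named in [Impact] (stack protector and friends) are confirmed only by reading the build log; consider stating how those are verified on the binaries as well. The smoke test prints the parsed elements without asserting anything, so a pass/fail criterion (for example, that it completes without an exception) would make it easier to sign off.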

** Description changed:

  [Impact]
  The packaging does not respect compiler flags, notably hardening flags like 
the stack protector, as well as frame pointer, as it never uses dpkg-buildflags 
and is still old manual style.
  
  This means there is a higher security risk, which given the nature of
  the library seems ill-advised, and the lack of frame pointers hampers
  profiling.
  
  [Test plan]
- Look at the build log and see that the build flags have been passed, notably 
stuff like
+ Skim at the build log and see that the build flags have been passed, notably 
stuff like
  
  -fno-strict-overflow
  -Werror=implicit-function-declaration
  -fno-omit-frame-pointer
  -mno-omit-leaf-frame-pointer
  -fstack-protector-strong
- -fstack-clash-protection 
- -Wformat 
+ -fstack-clash-protection
+ -Wformat
  -Werror=for
  
  Run https://gist.github.com/julian-
  klode/85e55553f85c410a1b856a93dce77208 on the ELF binaries and ensure
  that all lines have -fno-omit-frame-pointer
- 
  
  Run a smoke test to see the parser still works:
  
  from lxml import etree
  from urllib.request import urlopen
  
  with urlopen("https://www.w3.org/TR/REC-xml/REC-xml-20081126.xml";) as xml:
-     xml=xml.read()
+     xml=xml.read()
  tree=etree.fromstring(xml, 
base_url="https://www.w3.org/TR/REC-xml/REC-xml-20081126.xml";)
  
  for element in tree.iter():
-     print(element)
+     print(element)
  
  print(etree.tostring(tree))
  
- 
  [Where problems could occur]
  Hardening flags could surface existing (possibly security) bugs that have 
been asymptomatic so far; frame pointers will incur some slow down.
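
Review bot: "Skim at the build log" in the changed [Test plan] line is ungrammatical; "Skim the build log" reads correctly. The unchanged context line `-Werror=for` is still truncated in this revision, so the flag list continues to end on a string that will not match the full `-Werror=format-security` spelling shown in the earlier removed lines; worth fixing in the same edit, since the other changes here are whitespace only.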

https://bugs.launchpad.net/bugs/2076419

Title:
  lxml: Does not respect compiler flags