[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

lintian: r581 - in trunk: checks debian testset testset/scripts testset/scripts/debian

Author: rra
Date: 2006-03-16 19:14:47 +0100 (Thu, 16 Mar 2006)
New Revision: 581

Added:
   trunk/testset/scripts/perl-bizarre-1
   trunk/testset/scripts/perl-bizarre-2
   trunk/testset/scripts/perl-bizarre-3
Modified:
   trunk/checks/scripts
   trunk/debian/changelog
   trunk/testset/scripts/debian/rules
   trunk/testset/tags.scripts
Log:
* checks/scripts:
  + [RA] Allow more variations on leading magic to invoke some
    interpreter rather than then shell.  Bypass the ELF magic check for
    scripts using magic that relies on having no leading #! line.
    Reported by Frank Ku"ster.  (Closes: #344269)


Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/checks/scripts	2006-03-16 18:14:47 UTC (rev 581)
@@ -328,6 +328,7 @@
 		 or $scripts{$_}
 		 or $_ =~ m,^usr(/X11R6)?/man/,
 		 or $_ =~ m/\.exe$/ # mono convention
+		 or script_is_evil_and_wrong("unpacked/$_")
 		 );
 }
 
@@ -580,12 +581,13 @@
     my $ret = 0;
     open IN, $filename or fail("cannot open $filename: $!");
     my $i = 0;
+    local $_;
     while (<IN>) {
         chomp;
 	next if /^#/o;
 	next if /^$/o;
         last if (++$i > 20);
-        if (/^\s*exec\s*.+\s*.?\$0.?\s*(--\s*)?(\${1\+)?.?\$\@/o) {
+        if (/(^\s*|\beval\s*\'|;)?exec\s*.+\s*.?\$0.?\s*(--\s*)?(\${1\+)?.?\$\@/o) {
             $ret = 1;
             last;
         }

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/debian/changelog	2006-03-16 18:14:47 UTC (rev 581)
@@ -60,6 +60,10 @@
       (Closes: #351624, #353770)
     + [RA] /usr/bin/tcl is provided by tclx8.3, not tcl.  Reported by
       James R. Van Zandt.  (Closes: #351324)
+    + [RA] Allow more variations on leading magic to invoke some
+      interpreter rather than then shell.  Bypass the ELF magic check for
+      scripts using magic that relies on having no leading #! line.
+      Reported by Frank Küster.  (Closes: #344269)
   * checks/shared-libs:
     + [JvW] Fix postinst-must-call-ldconfig to also get emitted when there is
       no postinst at all, instead of just one lacking a ldconfig call

Modified: trunk/testset/scripts/debian/rules
===================================================================
--- trunk/testset/scripts/debian/rules	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/testset/scripts/debian/rules	2006-03-16 18:14:47 UTC (rev 581)
@@ -23,7 +23,10 @@
 	install -m 4755 perlfoo $(tmp)/usr/bin/suidperlfoo2
 	install -m 4755 suidperlfoo $(tmp)/usr/bin/
 	install -m 755 tkfoo $(tmp)/usr/bin/
-	install -m 644 xsession-test $(tmp)/etc/X11/Xsession.d/ 
+	install -m 644 xsession-test $(tmp)/etc/X11/Xsession.d/
+	install -m 755 perl-bizarre-1 $(tmp)/usr/bin/
+	install -m 755 perl-bizarre-2 $(tmp)/usr/bin/
+	install -m 755 perl-bizarre-3 $(tmp)/usr/bin/
 
 	echo "#!/usr/bin/perl" >> $(tmp)/usr/share/scripts/foobar.in
 	chmod 644 $(tmp)/usr/share/scripts/foobar.in

Added: trunk/testset/scripts/perl-bizarre-1
===================================================================
--- trunk/testset/scripts/perl-bizarre-1	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/testset/scripts/perl-bizarre-1	2006-03-16 18:14:47 UTC (rev 581)
@@ -0,0 +1,11 @@
+#! /bin/sh
+eval '(exit $?0)' && eval 'PERL_BADLANG=x;export PERL_BADLANG;: \
+;exec perl -x -S -- "$0" ${1+"$@"};#'if 0;
+eval 'setenv PERL_BADLANG x;exec perl -x -S -- "$0" $argv:q;#'.q+
+#!perl -w
+package Htex::a2ping;  $0=~/(.*)/s;unshift@INC,'.';do($1);die$@if$@;__END__+if !1;
+# This Perl script was generated by JustLib2 at Wed Apr 23 09:14:13 2003.
+# Don't touch/remove any lines above; http://www.inf.bme.hu/~pts/justlib
+
+# The above was actually seen in the wild and stresses the
+# script_is_evil_and_wrong test.

Added: trunk/testset/scripts/perl-bizarre-2
===================================================================
--- trunk/testset/scripts/perl-bizarre-2	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/testset/scripts/perl-bizarre-2	2006-03-16 18:14:47 UTC (rev 581)
@@ -0,0 +1,7 @@
+#!/bin/sh
+eval 'exec /usr/bin/perl -wS $0 ${1+"$@"}'
+    if $running_under_some_shell;
+
+# I'm someone following perlrun except without using the Perl #! line.
+# Now something to choke bash.
+while (<>) { if (/%#/) { print } }

Added: trunk/testset/scripts/perl-bizarre-3
===================================================================
--- trunk/testset/scripts/perl-bizarre-3	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/testset/scripts/perl-bizarre-3	2006-03-16 18:14:47 UTC (rev 581)
@@ -0,0 +1,6 @@
+eval '(exit $?0)' && eval 'exec perl -wS $0 ${1+"$@"}'
+& eval 'exec /usr/bin/perl -wS $0 $argv:q'
+    if $running_under_some_shell;
+
+# More utterly bizarreness from perlrun.  This one even doesn't work if
+# there's a valid #! line on the first line.  I don't understand why....

Modified: trunk/testset/tags.scripts
===================================================================
--- trunk/testset/tags.scripts	2006-03-16 03:42:49 UTC (rev 580)
+++ trunk/testset/tags.scripts	2006-03-16 18:14:47 UTC (rev 581)
@@ -11,6 +11,9 @@
 W: scripts source: source-nmu-has-incorrect-version-number 6
 W: scripts: binary-without-manpage lefty-foo
 W: scripts: binary-without-manpage make-foo
+W: scripts: binary-without-manpage perl-bizarre-1
+W: scripts: binary-without-manpage perl-bizarre-2
+W: scripts: binary-without-manpage perl-bizarre-3
 W: scripts: binary-without-manpage perlfoo
 W: scripts: binary-without-manpage py2foo
 W: scripts: binary-without-manpage pyfoo
Reply to: