[SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095

To: debian-lint-maint@lists.debian.org
Subject: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
From: "Niels Thykier" <niels@thykier.net>
Date: Tue, 16 Apr 2013 16:26:25 +0000
Message-id: <[🔎] E1US8i9-0001f2-D9@vasks.debian.org>

The following commit has been merged in the master branch:
commit d6105279bd4fa3b93101bc020256ca407dd0b9f5
Author: Niels Thykier <niels@thykier.net>
Date:   Thu Apr 4 23:47:34 2013 +0200

    c/menus: Skip maintscripts that are symlink
    
    Signed-off-by: Niels Thykier <niels@thykier.net>

diff --git a/checks/menus b/checks/menus
index 52f5f0e..c47609a 100644
--- a/checks/menus
+++ b/checks/menus
@@ -69,18 +69,10 @@ my $menumethod_file;
 my $anymenu_file;
 my $documentation;
 
-if (-f $info->control('preinst')) {
-    check_script($pkg, $info->control('preinst'), 'preinst', \%preinst);
-}
-if (-f $info->control('postinst')) {
-    check_script($pkg, $info->control('postinst'), 'postinst', \%postinst);
-}
-if (-f $info->control('prerm')) {
-    check_script($pkg, $info->control('prerm'), 'prerm', \%prerm);
-}
-if (-f $info->control('postrm')) {
-    check_script($pkg, $info->control('postrm'), 'postrm', \%postrm);
-}
+check_script($pkg, $info->control('preinst'), 'preinst', \%preinst);
+check_script($pkg, $info->control('postinst'), 'postinst', \%postinst);
+check_script($pkg, $info->control('prerm'), 'prerm', \%prerm);
+check_script($pkg, $info->control('postrm'), 'postrm', \%postrm);
 
 # read package contents
 for my $file ($info->sorted_index) {
@@ -578,6 +570,9 @@ sub check_script {
     my ($no_check_menu,$no_check_installdocs);
     my $interp;
 
+    # control files are regular files and not symlinks, pipes etc.
+    return if -l $spath or not -f $spath;
+
     open(IN, '<', $spath) or
         fail("cannot open maintainer script control/$script for reading: $!");
     $interp = <IN>;
diff --git a/debian/changelog b/debian/changelog
index 96e262c..fadc1c4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -126,6 +126,9 @@ lintian (2.5.12) UNRELEASED; urgency=low
       relative icons in menu files.  (Closes: #697916)
     + [NT] Document why only XPM are allowed in the tag description
       of menu-icon-not-in-xpm-format.  (Closes: 591812)
+  * checks/menus:
+    + [NT] Fix path traversal issue that could leak information
+      about the host system.
   * checks/patch-systems{,.desc}:
     + [NT] Retire unneeded-build-dep-on-quilt, it is only a pedantic
       tag and apparently not too accurate.  Thanks to Charles Plessy

-- 
Debian package checker

Reply to:

Prev by Date: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Next by Date: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Previous by thread: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Next by thread: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Index(es):
- Date
- Thread