[lintian] 01/01: Detect minified javascript by detecting more than one colon per line
This is an automated email from the git hooks/post-receive script.
broucaries-guest pushed a commit to branch master
in repository lintian.
commit 6bf19f142f32404925d3cda376ca74bf249dd3e4
Author: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
Date: Sat Oct 10 22:07:48 2015 +0200
Detect minified javascript by detecting more than one colon per line
Algo is now:
If Line > 512 => minified
Else Clean first block
if Line > 128 and more than one ; => minified
---
checks/cruft.pm | 116 +++++++++++++--------
debian/changelog | 5 +
.../debian/oldfalsepositives/debug.js/testdebug.js | 2 +-
.../{debug.js/testdebug.js => singlecolon.js} | 3 +-
4 files changed, 80 insertions(+), 46 deletions(-)
diff --git a/checks/cruft.pm b/checks/cruft.pm
index c804f8d..de9c68c 100644
--- a/checks/cruft.pm
+++ b/checks/cruft.pm
@@ -35,6 +35,10 @@ use v5.10;
# not less than 8192 for source missing
use constant BLOCKSIZE => 16_384;
+# constant for insane line lenght
+use constant INSANE_LINE_LENGTH => 512;
+use constant SAFE_LINE_LENGTH => 128;
+
use Lintian::Data;
use Lintian::Relation ();
use Lintian::Tags qw(tag);
@@ -936,62 +940,88 @@ sub _search_in_block0 {
return;
}
+# warn about prebuilt javascript and check missing source
+sub _warn_prebuilt_javascript{
+ my ($entry, $info, $name, $basename, $dirname,$linelength,$cutoff) = @_;
+ tag 'source-contains-prebuilt-javascript-object',
+ $name, 'line length is', int($linelength),
+ "characters (>$cutoff)";
+ # Check for missing source. It will check
+ # for the source file in well known directories
+ check_missing_source($entry,$info,$name,$basename,$dirname,
+ [['(?i)\.js$','.debug.js'],['(?i)\.js$','-debug.js'],['','']]);
+}
+
# detect if max line of block is > cutoff
# return false if file is minified
-sub _linelength_test_maxlength_ok {
+sub _linelength_test_maxlength {
my ($entry, $info, $name, $basename, $dirname, $block, $cutoff) = @_;
while($block =~ /([^\n]+)\n?/g){
my $linelength = length($1);
if($linelength > $cutoff) {
- tag 'source-contains-prebuilt-javascript-object',
- $name, 'line length is', int($linelength),
- "characters (>$cutoff)";
- # Check for missing source. It will check
- # for the source file in well known directories
- check_missing_source($entry,$info,$name,$basename,$dirname,
- [['(?i)\.js$','.debug.js'],['(?i)\.js$','-debug.js'],['','']]);
- return 0;
+ return ($linelength,$1,substr($block,pos($block)));
}
}
- return 1;
+ return (0,'',$block);
}
# try to detect non human source based on line length
sub _linelength_test {
my ($entry, $info, $name, $basename, $dirname, $block) = @_;
-
- # first check if line > 1024 that is likely minification
- if(
- _linelength_test_maxlength_ok(
- $entry, $info, $name, $basename, $dirname, $block,1024
- )
- ) {
-# now try to be more clever and work only on the 8192 character in order to avoid
-# regexp recursion problems
- my $strip = substr($block,0,8192);
- # strip indention
- $strip =~ s/^\s+//g;
- # from perl faq strip comments
- $strip =~ s{
- # Strip /* */ comments
- /\* [^*]*+ \*++ (?: [^/*][^*]*+\*++ ) */
- # Strip // comments (C++ style)
- | // (?: [^\\] | [^\n][\n]? )*? (?=\n)
- | (
- # Keep "/* */" (etc) as is
- "(?: \\. | [^"\\]++)*"
- # Keep '/**/' (etc) as is
- | '(?: \\. | [^'\\]++)*'
- # Keep anything else
- | .[^/"'\\]*+
- )
- }{defined $1 ? $1 : ""}xgse;
- # strip empty line
- $strip =~ s/^\s*\n//mg;
- # remove last \n
- $strip =~ s/\n\Z//m;
- _linelength_test_maxlength_ok($entry, $info, $name, $basename,
- $dirname, $strip,256);
+ my $linelength = 0;
+ my $line;
+ my $nextblock;
+
+ ($linelength)
+ = _linelength_test_maxlength($entry, $info, $name, $basename, $dirname,
+ $block,INSANE_LINE_LENGTH);
+ # first check if line > INSANE_LINE_LENGTH that is likely minification
+ # avoid problem by recursive regex with longline
+ if($linelength) {
+ _warn_prebuilt_javascript($entry, $info, $name, $basename, $dirname,
+ $linelength,INSANE_LINE_LENGTH);
+ return;
+ }
+ # Now try to be more clever and work only on the 8192 character
+ # in order to avoid regexp recursion problems
+ my $strip = substr($block,0,8192);
+ # strip indention
+ $strip =~ s/^\s+//g;
+ # from perl faq strip comments
+ $strip =~ s{
+ # Strip /* */ comments
+ /\* [^*]*+ \*++ (?: [^/*][^*]*+\*++ ) */
+ # Strip // comments (C++ style)
+ | // (?: [^\\] | [^\n][\n]? )*? (?=\n)
+ | (
+ # Keep "/* */" (etc) as is
+ "(?: \\. | [^"\\]++)*"
+ # Keep '/**/' (etc) as is
+ | '(?: \\. | [^'\\]++)*'
+ # Keep anything else
+ | .[^/"'\\]*+
+ )
+ }{defined $1 ? $1 : ""}xgse;
+ # strip empty line
+ $strip =~ s/^\s*\n//mg;
+ # remove last \n
+ $strip =~ s/\n\Z//m;
+ $nextblock = $strip;
+ while(length($nextblock)) {
+ # check line above > SAFE_LINE_LENGTH
+ ($linelength,$line,$nextblock)
+ = _linelength_test_maxlength($entry, $info, $name, $basename,
+ $dirname, $nextblock,SAFE_LINE_LENGTH);
+ # no long line
+ unless($linelength) {
+ return;
+ }
+ # compute number of ;
+ if(($line =~ tr/;/;/) > 1) {
+ _warn_prebuilt_javascript($entry, $info, $name, $basename,
+ $dirname,$linelength,SAFE_LINE_LENGTH);
+ return;
+ }
}
return;
}
diff --git a/debian/changelog b/debian/changelog
index d055372..790ee7b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ lintian (2.5.39) UNRELEASED; urgency=medium
XXX: generate tag summary
+ * checks/cruft.pm:
+ + [BR] Avoid false positive in minified javascript by
+ detecting line with only one colon.
+ (Closes: #792365, #798900).
+
* data/spelling/corrections*:
+ [JW] Add more corrections.
diff --git a/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js b/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js
index e1a0655..fc9eb65 100644
--- a/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js
+++ b/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js
@@ -1,4 +1,4 @@
// a very long javascript yuic compressed
/* simulate a long line */
-var longline = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
+var longline = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'; var second='X';
diff --git a/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js b/t/tests/cruft-minified-js/debian/oldfalsepositives/singlecolon.js
similarity index 85%
copy from t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js
copy to t/tests/cruft-minified-js/debian/oldfalsepositives/singlecolon.js
index e1a0655..80e795f 100644
--- a/t/tests/cruft-minified-js/debian/oldfalsepositives/debug.js/testdebug.js
+++ b/t/tests/cruft-minified-js/debian/oldfalsepositives/singlecolon.js
@@ -1,4 +1,3 @@
-// a very long javascript yuic compressed
-/* simulate a long line */
+/* simulate a long line by with only one ;*/
var longline = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: