Bug#318104: lintian: warn if package includes a private copy of zlib

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#318104: lintian: warn if package includes a private copy of zlib
From: Florian Weimer <fw@deneb.enyo.de>
Date: Wed, 13 Jul 2005 15:19:34 +0200
Message-id: <[🔎] E1Dsh9C-0002iO-8Z@deneb.enyo.de>
Reply-to: Florian Weimer <fw@deneb.enyo.de>, 318104@bugs.debian.org

Package: lintian
Version: 1.23.9
Severity: wishlist

[Reposting from debian-devel, as requested by Marc Brockschmidt]

From: Florian Weimer <fw@deneb.enyo.de>
Subject: Lintian test case author needed (zlib linking)
To: debian-devel@lists.debian.org
Date: Wed, 13 Jul 2005 13:44:46 +0200
Message-ID: <87oe97x74h.fsf@deneb.enyo.de>
Resent-From: debian-devel@lists.debian.org
Enyo-Status: asn=27354, flags=k

I'd like to encourage someone who has experience writing test cases
for Lintian to create a new one.  It should scan .deb files for ELF
object files which match one of the following Perl regexps:

  /inflate ([0-9][ 0-9a-zA-Z.\-]{1,100}[0-9a-zA-Z.\-])/
  /deflate ([0-9][ 0-9a-zA-Z.\-]{1,100}[0-9a-zA-Z.\-])/

This is less elaborate than the Clamav checks, but it should be good
enough to detect bundled copies of zlib.  Hopefully, this enables us
to eliminate statically linked copies of zlib early in the development
cycle.

Is anyone interested in writing such a test case, and work with the
Lintian maintainers to integreate it into the package?

[Further notes: This can be implemented either by reading the ELF
objects into a string, or by spawning "strings -a" and looking at the
output.  I wouldn't recommend depending on Clamav, or implementing a
special windowing scheme to avoid reading in the whole ELF object.]

Reply to:

Prev by Date: place your internet marketing efforts on autopilot
Next by Date: Re: Adding a new test
Previous by thread: place your internet marketing efforts on autopilot
Next by thread: You best friends and family deserve the BEST internet photo album!
Index(es):
- Date
- Thread