lintian: r598 - in trunk: checks collection debian lib

To: debian-lint-maint@lists.debian.org
Subject: lintian: r598 - in trunk: checks collection debian lib
From: rra@debian.org
Date: Sat, 01 Apr 2006 08:47:00 +0200
Message-id: <[🔎] E1FPZsy-00021y-BR@mordor.wolffelaar.nl>

Author: rra
Date: 2006-04-01 08:46:55 +0200 (Sat, 01 Apr 2006)
New Revision: 598

Modified:
   trunk/checks/manpages
   trunk/checks/po-debconf
   trunk/collection/objdump-info
   trunk/debian/changelog
   trunk/lib/Util.pm
Log:
* checks/manpages:
  + [RA] Use system_env instead of system and sanitize the environment
    before running man -l out of caution and to avoid extraneous output
    when CDPATH is set.  Reported by Marc Haber.  (Closes: #360217)
* checks/po-debconf:
  + [RA] Use system_env instead of system out of caution and to avoid
    extraneous output when CDPATH is set.
* collection/objdump-info:
  + [RA] Unset CDPATH before running cd to avoid strange effects from
    the user's environment.
* lib/Util.pm:
  + [RA] Add system_env, like system but sanitizing the environment.

Modified: trunk/checks/manpages
===================================================================
--- trunk/checks/manpages	2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/checks/manpages	2006-04-01 06:46:55 UTC (rev 598)
@@ -235,7 +235,7 @@
 	# negatives. When man-db is fixed, this limitation should be
 	# removed.
 	if ($path =~ m,/man/man\d/,) {
-	    if (system("lexgrog unpacked/\Q$file\E >/dev/null 2>&1")) {
+	    if (system_env("lexgrog unpacked/\Q$file\E >/dev/null 2>&1")) {
 		tag "manpage-has-bad-whatis-entry", "$file";
 	    }
 	}
@@ -244,14 +244,22 @@
 	# parent directory before running man so that .so directives are
 	# processed properly.  (Yes, there are man pages that include other
 	# pages with .so but aren't simple links; rbash, for instance.)
-        my $cmd;
-        if ($file =~ m,^(.*)/(man\d/.*)$,) {
-            $cmd = "cd unpacked/\Q$1\E && LANG=C man -l \Q$2\E";
-        } else {
-            $cmd = "LANG=C man -l unpacked/\Q$file\E";
-        }
-	open MANERRS, '-|', "($cmd >/dev/null) 2>&1"
-	    or fail("cannot run man -l: $!");
+	my $cmd;
+	if ($file =~ m,^(.*)/(man\d/.*)$,) {
+	    $cmd = "cd unpacked/\Q$1\E && man -l \Q$2\E";
+	} else {
+	    $cmd = "man -l unpacked/\Q$file\E";
+	}
+	my $pid = open MANERRS, '-|';
+	if (not defined $pid) {
+	    fail("cannot run man -l: $!");
+	} elsif ($pid == 0) {
+	    my %newenv = (LANG => 'C', PATH => $ENV{PATH});
+	    undef %ENV;
+	    %ENV = %newenv;
+	    exec "($cmd >/dev/null) 2>&1"
+		or fail("cannot run man -l: $!");
+	}
 	while (<MANERRS>) {
 	    # ignore progress information from man
 	    next if /^Reformatting/;

Modified: trunk/checks/po-debconf
===================================================================
--- trunk/checks/po-debconf	2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/checks/po-debconf	2006-04-01 06:46:55 UTC (rev 598)
@@ -76,8 +76,8 @@
 if (-x "/usr/bin/msgcmp" && -x "/usr/share/intltool-debian/intltool-update" ) {
 	if ($missing_files == 0) {
 		$ENV{"INTLTOOL_EXTRACT"} ||= "/usr/share/intltool-debian/intltool-extract";
-		system("cd debfiles/po && /usr/share/intltool-debian/intltool-update --gettext-package=test --pot");
-		system("/usr/bin/msgcmp debfiles/po/test.pot debfiles/po/templates.pot >/dev/null 2>&1") == 0
+		system_env("cd debfiles/po && /usr/share/intltool-debian/intltool-update --gettext-package=test --pot");
+		system_env("/usr/bin/msgcmp debfiles/po/test.pot debfiles/po/templates.pot >/dev/null 2>&1") == 0
                 	or tag "newer-debconf-templates";
 	}
 } else {
@@ -106,7 +106,7 @@
         }
         tag "unknown-encoding-in-po-file", "debian/po/$file"
                 unless length($charset);
-	system("msgfmt -o /dev/null debfiles/po/$file 2>/dev/null") == 0
+	system_env("msgfmt -o /dev/null debfiles/po/$file 2>/dev/null") == 0
 		or tag "invalid-po-file", "debian/po/$file";
 }
 

Modified: trunk/collection/objdump-info
===================================================================
--- trunk/collection/objdump-info	2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/collection/objdump-info	2006-04-01 06:46:55 UTC (rev 598)
@@ -30,6 +30,7 @@
     exit 2
 fi
 
+CDPATH=
 cd unpacked
 
 rm -f ../objdump-info

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/debian/changelog	2006-04-01 06:46:55 UTC (rev 598)
@@ -14,14 +14,28 @@
       are now too many combinations to list completely.
     + [RA] Catch build dependencies on X metapackages, based on a patch by
       Josh Triplett.  (Partially addresses #347169)
+  * checks/manpages:
+    + [RA] Use system_env instead of system and sanitize the environment
+      before running man -l out of caution and to avoid extraneous output
+      when CDPATH is set.  Reported by Marc Haber.  (Closes: #360217)
+  * checks/po-debconf:
+    + [RA] Use system_env instead of system out of caution and to avoid
+      extraneous output when CDPATH is set.
   * checks/scripts.desc:
     + [RA] Change the check for broken error handling with invoke-rc.d to
       maintainer-script-hides-init-failure to be more generic and explain
       what the test looks at.  Add the script name and line number and fix
       a typo.  Thanks, Marc Haber.  (Closes: #360214, #360216)
 
- -- Russ Allbery <rra@debian.org>  Fri, 31 Mar 2006 22:00:45 -0800
+  * collection/objdump-info:
+    + [RA] Unset CDPATH before running cd to avoid strange effects from
+      the user's environment.
 
+  * lib/Util.pm:
+    + [RA] Add system_env, like system but sanitizing the environment.
+
+ -- Russ Allbery <rra@debian.org>  Fri, 31 Mar 2006 22:40:32 -0800
+
 lintian (1.23.16) unstable; urgency=low
 
   The "What's this Russ guy up to?" release

Modified: trunk/lib/Util.pm
===================================================================
--- trunk/lib/Util.pm	2006-04-01 06:01:57 UTC (rev 597)
+++ trunk/lib/Util.pm	2006-04-01 06:46:55 UTC (rev 598)
@@ -31,7 +31,8 @@
 	slurp_entire_file
 	get_file_md5
 	file_is_encoded_in_non_utf8
-	fail);
+	fail
+	system_env);
 
 use FileHandle;
 use Pipeline;
@@ -207,6 +208,23 @@
 	return 0;
 }
 
+# Just like system, except cleanses the environment first to avoid any strange
+# side effects due to the user's environment.
+sub system_env {
+    my @whitelist = qw(PATH INTLTOOL_EXTRACT);
+    my %newenv = map { exists $ENV{$_} ? ($_ => $ENV{$_}) : () } @whitelist;
+    my $pid = fork;
+    if (not defined $pid) {
+	return -1;
+    } elsif ($pid == 0) {
+	%ENV = %newenv;
+	exec @_ or die("exec of $_[0] failed: $!\n");
+    } else {
+	waitpid $pid, 0;
+	return $?;
+    }
+}
+
 # ------------------------
 
 sub fail {

Reply to:

Prev by Date: Bug#360216: lintian: maintainer-script-built-with-broken-debhelper-version fires in non-debhelper case
Next by Date: Bug#360217: lintian: should clean invocation environment
Previous by thread: Bug#360216: lintian: maintainer-script-built-with-broken-debhelper-version fires in non-debhelper case
Next by thread: Bug#360217: lintian: should clean invocation environment
Index(es):
- Date
- Thread