lintian: r600 - in trunk: checks debian testset testset/maintainer-scripts/debian
Author: rra
Date: 2006-04-03 02:41:07 +0200 (Mon, 03 Apr 2006)
New Revision: 600
Modified:
trunk/checks/scripts
trunk/debian/changelog
trunk/testset/maintainer-scripts/debian/prerm
trunk/testset/tags.maintainer-scripts
Log:
* checks/scripts:
+ [RA] Ignore text inside single quotes and, for most checks, text
inside double quotes when checking for bashisms. Reported by Frank
Kuster. (Closes: #344266)
Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts 2006-04-02 22:40:48 UTC (rev 599)
+++ trunk/checks/scripts 2006-04-03 00:41:07 UTC (rev 600)
@@ -457,59 +457,79 @@
my $found = 0;
my $found_strict = 0;
my $match = '';
+ my @bashism_string_regexs = (
+ '\$\[\w+\]', # arith not allowed
+ '\$\{\w+\:\d+(?::\d+)?\}', # ${foo:3[:1]}
+ '\$\{\w+(/.+?){1,2}\}', # ${parm/?/pat[/str]}
+ '\$\{\#?\w+\[[0-9\*\@]+\]\}',# bash arrays, ${name[0|*|@]}
+ );
my @bashism_regexs = (
'function \w+\(\s*\)', # function is useless
- # should be '.', not 'source'
+ # should be '.', not 'source'
'(?:^|\s+)source\s+(?:\.\/|\/|\$)[^\s]+',
'(\[|test|-o|-a)\s*[^\s]+\s+==\s', # should be 'b = a'
- '\s(\|\&)', # pipelining is not POSIX
- '\$\[\w+\]', # arith not allowed
- '\$\{\w+\:\d+(?::\d+)?\}', # ${foo:3[:1]}
- '\$\{\w+(/.+?){1,2}\}', # ${parm/?/pat[/str]}
+ '\s(\|\&)', # pipelining is not POSIX
'[^\\\]\{([^\s]+?,)+[^\\\}\s]+\}', # brace expansion
'(?:^|\s+)\w+\[\d+\]=', # bash arrays, H[0]
- '\$\{\#?\w+\[[0-9\*\@]+\]\}',# bash arrays, ${name[0|*|@]}
- '(?:^|\s+)read\s*(?:;|$)', # read without variable
-
- '(?:^|\s+)kill\s+-[^sl]\w*', # kill -[0-9] or -[A-Z]
+ '(?:^|\s+)read\s*(?:;|$)', # read without variable
+ '(?:^|\s+)kill\s+-[^sl]\w*', # kill -[0-9] or -[A-Z]
'(?:^|\s+)trap\s+["\']?.*["\']?\s+.*[1-9]', # trap with signal numbers
- '\&>', # cshism
- '\[\[(?!:)', # alternative test command
+ '\&>', # cshism
+ '\[\[(?!:)', # alternative test command
);
my @strict_posix_regexs = (
'((?:test|\[)\s+.+\s-[ao])\s',# test/[ -a/-o binary operators
- '(?:^\s*)local\s', # local scoping of variables
+ '(?:^\s*)local\s', # local scoping of variables
);
- for my $re (@bashism_regexs) {
- if (m/($re)/) {
+ # since this test is ugly, I have to do it by itself
+ # detect source (.) trying to pass args to the command it runs
+ if (not $found and m/^\s*(\.\s+[^\s]+\s+([^\s]+))/) {
+ if ($2 =~ /^(\&|\||\d?>|<)/) {
+ # everything is ok
+ ;
+ } else {
$found = 1;
$match = $1;
+ }
+ }
+
+ # Ignore anything inside single quotes; it could be an
+ # argument to grep or the like.
+ my $line = $_;
+ $line =~ s/([^\\](?:\\\\)*)\'(?:\\.|[^\\\'])+\'/$1''/g;
+
+ for my $re (@bashism_string_regexs) {
+ if ($line =~ m/($re)/) {
+ $found = 1;
+ ($match) = m/($re)/;
last;
}
}
+
+ # We've checked for all the things we still want to notice in
+ # double-quoted strings, so now remove those strings as well.
unless ($found) {
+ $line =~ s/([^\\](?:\\\\)*)\"(?:\\.|[^\\\"])+\"/$1""/g;
+ for my $re (@bashism_regexs) {
+ if ($line =~ m/($re)/) {
+ $found = 1;
+ ($match) = m/($re)/;
+ last;
+ }
+ }
+ }
+ unless ($found) {
for my $re (@strict_posix_regexs) {
- if (m/($re)/) {
+ if ($line =~ m/($re)/) {
$found = 1;
$found_strict = 1;
- $match = $1;
+ ($match) = m/($re)/;
last;
}
}
}
- # since this test is ugly, I have to do it by itself
- # detect source (.) trying to pass args to the command it runs
- if (not $found and m/^\s*(\.\s+[^\s]+\s+([^\s]+))/) {
- if ($2 =~ /^(\&|\||\d?>|<)/) {
- # everything is ok
- ;
- } else {
- $found = 1;
- $match = $1;
- }
- }
if ($found && $found_strict) {
tag "possible-non-posix-code-in-maintainer-script", "$file:$. \'$match\'";
} elsif ($found) {
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2006-04-02 22:40:48 UTC (rev 599)
+++ trunk/debian/changelog 2006-04-03 00:41:07 UTC (rev 600)
@@ -24,6 +24,10 @@
* checks/po-debconf:
+ [RA] Use system_env instead of system out of caution and to avoid
extraneous output when CDPATH is set.
+ * checks/scripts:
+ + [RA] Ignore text inside single quotes and, for most checks, text
+ inside double quotes when checking for bashisms. Reported by Frank
+ Küster. (Closes: #344266)
* checks/scripts.desc:
+ [RA] Change the check for broken error handling with invoke-rc.d to
maintainer-script-hides-init-failure to be more generic and explain
Modified: trunk/testset/maintainer-scripts/debian/prerm
===================================================================
--- trunk/testset/maintainer-scripts/debian/prerm 2006-04-02 22:40:48 UTC (rev 599)
+++ trunk/testset/maintainer-scripts/debian/prerm 2006-04-03 00:41:07 UTC (rev 600)
@@ -40,3 +40,12 @@
fi
update-rc.d foo remove
+
+# More false positives for bashism checks. None of these are errors.
+echo "$line" | grep -q '{fonts/map,}/{\$progname,pdftex,dvips,}//'
+echo '$[1+2]'
+printf "foo |& bar"
+perl -e "print q( kill -HUP $? )"
+
+# Still catch disallowed expansions in double-quotes, though.
+echo "${line:3:1}"
Modified: trunk/testset/tags.maintainer-scripts
===================================================================
--- trunk/testset/tags.maintainer-scripts 2006-04-02 22:40:48 UTC (rev 599)
+++ trunk/testset/tags.maintainer-scripts 2006-04-03 00:41:07 UTC (rev 600)
@@ -40,6 +40,7 @@
W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:31 'trap "echo hi" EXIT HUP 3'
W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:33 '[['
W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:34 ' kill -HUP'
+W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:51 '${line:3:1}'
W: maintainer-scripts: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:50
W: maintainer-scripts: postinst-does-not-load-confmodule
W: maintainer-scripts: postinst-should-not-set-usr-doc-link
Reply to: