[SCM] Debian package checker branch, master, updated. 2.1.3-37-gfad5411
The following commit has been merged in the master branch:
commit f68b8f057a27e34a43426a4f3c700334f3adbf30
Author: Russ Allbery <rra@debian.org>
Date: Tue Dec 30 16:18:38 2008 -0800
Improve collection of symlinked copyright files
* collection/copyright-file:
+ [RA] Copy copyright files that are relative links, provided that the
link is safe, and otherwise treat symlinked copyright files as if
they were empty. Fixes a Lintian crash on packages where the
copyright file is a relative symlink.
diff --git a/collection/copyright-file b/collection/copyright-file
index efd474b..04425dd 100755
--- a/collection/copyright-file
+++ b/collection/copyright-file
@@ -24,6 +24,8 @@ use strict;
use lib "$ENV{'LINTIAN_ROOT'}/lib";
use Util;
+use File::Copy qw(copy);
+
($#ARGV == 1) or fail("syntax: copyright-file <pkg> <type>");
my $pkg = shift;
my $type = shift;
@@ -39,7 +41,17 @@ my $file;
if (-f $file1 ) { $file = $file1; }
else { $file = $file2; }
-if (-f $file) {
+# If copyright was a symlink, we need to make a copy of it. Just hardlinking
+# to the symlink may leave a relative symlink into a directory we can't
+# unpack. Be careful about what symlinks we allow, though.
+if (-l $file) {
+ my $link = readlink($file) or fail("cannot readlink $file: $!");
+ if ($link =~ /\.\./ || ($link =~ m%/% && $link !~ m%^[^/]+(/+[^/]+)*\z%)) {
+ touch_file("copyright");
+ } else {
+ copy($file, "copyright") or fail("cannot copy $file: $!");
+ }
+} elsif (-f $file) {
link($file, "copyright")
or fail("cannot link $file to copyright: $!");
} elsif (-f "$file.gz") {
diff --git a/debian/changelog b/debian/changelog
index 82e3c05..a330a9b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -68,6 +68,12 @@ lintian (2.1.4) UNRELEASED; urgency=low
(Closes: #381485)
+ [RA] Allow dpkg-dev to satisfy a make dependency. (Closes: #510190)
+ * collection/copyright-file:
+ + [RA] Copy copyright files that are relative links, provided that the
+ link is safe, and otherwise treat symlinked copyright files as if
+ they were empty. Fixes a Lintian crash on packages where the
+ copyright file is a relative symlink.
+
* debian/rules:
+ [RA] New check-tag target which runs all test cases in the new test
suite that check for or against a particular tag.
--
Debian package checker
Reply to: