[SCM] Debian package checker branch, master, updated. 2.1.5-6-g6a90db7

To: debian-lint-maint@lists.debian.org
Subject: [SCM] Debian package checker branch, master, updated. 2.1.5-6-g6a90db7
From: "Russ Allbery" <rra@debian.org>
Date: Sun, 11 Jan 2009 18:47:08 +0000
Message-id: <[🔎] E1LM5L2-0005Fv-So@alioth.debian.org>

The following commit has been merged in the master branch:
commit 6a90db7da7c86b7fffd689c28f097d16fbd92653
Author: Russ Allbery <rra@debian.org>
Date:   Sun Jan 11 10:46:17 2009 -0800

    Check basic format of .changes files before continuing
    
    * checks/lintian.desc:
      + [RA] Add tag description for malformed-changes-file.
    * frontend/lintian:
      + [RA] Check that .changes files have at least a Format key.  If not,
        issue malformed-changes-file and skip them.  This catches .changes
        files that were PGP-signed twice.  (Closes: #315538)

diff --git a/checks/lintian.desc b/checks/lintian.desc
index c1b6d56..1ba60bc 100644
--- a/checks/lintian.desc
+++ b/checks/lintian.desc
@@ -1,6 +1,18 @@
 Check-Script: lintian
-Info: this description file is a special case: it contains the tag info
- for the tags produced by the lintian frontend itself
+Info: This description file is a special case.  It contains the tag info
+ for the tags produced by the lintian frontend itself.
+
+Tag: malformed-changes-file
+Severity: serious
+Certainty: certain
+Info: There is no "Format" field in your .changes file.  This probably
+ indicates some serious problem with the file.  Perhaps it's not actually
+ a changes file, or it's not in the proper format, or it's PGP-signed
+ twice.
+ .
+ Since Lintian was unable to parse this .changes file, it and any files
+ that it would have referenced were skipped.
+Ref: policy 5.5
 
 Tag: no-description-in-changes-file
 Severity: serious
diff --git a/debian/changelog b/debian/changelog
index 92de3bd..39f9b73 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,10 +3,18 @@ lintian (2.1.6) UNRELEASED; urgency=low
   * Summary of tag changes:
     + Added
       - diff-contains-cmake-cache-file
+      - malformed-changes-file
 
   * checks/cruft{,.desc}:
     + [RA] Error on CMakeCache.txt files added or modified in the diff.
       Thanks, Joerg Jaspert.  (Closes: #510957)
+  * checks/lintian.desc:
+    + [RA] Add tag description for malformed-changes-file.
+
+  * frontend/lintian:
+    + [RA] Check that .changes files have at least a Format key.  If not,
+      issue malformed-changes-file and skip them.  This catches .changes
+      files that were PGP-signed twice.  (Closes: #315538)
 
   * t/runtests:
     + [RA] Add pre_upstream hook to modify the upstream source before
diff --git a/frontend/lintian b/frontend/lintian
index 7252315..2a9c957 100755
--- a/frontend/lintian
+++ b/frontend/lintian
@@ -785,9 +785,15 @@ while (my $arg = shift) {
 		warning("$arg is a zero-byte file, skipping");
 		next;
 	    }
-
 	    Tags::set_pkg( $arg, $arg_name, "", "", 'binary' );
 
+	    # If we don't have a Format key, something went seriously wrong.
+	    # Tag the file and skip remaining processing.
+	    if (!$data->{'format'}) {
+		tag('malformed-changes-file');
+		next;
+	    }
+
 	    # Description is mandated by dak, but only makes sense if binary
 	    # packages are included.  Don't tag pure source uploads.
 	    if (!$data->{'description'} && $data->{'architecture'} ne 'source') {
diff --git a/t/changes/changes-double-signed.changes b/t/changes/changes-double-signed.changes
new file mode 100644
index 0000000..a5cd225
--- /dev/null
+++ b/t/changes/changes-double-signed.changes
@@ -0,0 +1,32 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+- -----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Format: 1.8
+Date: Sat, 10 Jan 2009 10:50:38 -0800
+Source: changed-by-malformed
+Binary: changed-by-malformed
+Architecture: source all
+Version: 1.0
+Distribution: unstable
+Urgency: low
+Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
+Changed-By: Russ Allbery <rra@debian.org>
+Description:
+ changed-by-malformed - Test Changed-By field with localhost address
+- -----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iEYEARECAAYFAklprBgACgkQ+YXjQAr8dHahYACg1WOxEh9uaavrM6oNNS9VE2rq
+gLUAn1s+SdFHHi8IAwQSvPVFKJSEvGwl
+=MXTD
+- -----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iEYEARECAAYFAklprEwACgkQ+YXjQAr8dHacsgCcDwLS5P/u8VAHXQBQxg3dMOee
+mYcAoMCm5KyefN7DIFqkCQKx993k/koY
+=WuMg
+-----END PGP SIGNATURE-----
diff --git a/t/changes/changes-double-signed.tags b/t/changes/changes-double-signed.tags
new file mode 100644
index 0000000..38c3365
--- /dev/null
+++ b/t/changes/changes-double-signed.tags
@@ -0,0 +1 @@
+E: changes-double-signed.changes: malformed-changes-file

-- 
Debian package checker

Reply to:

Prev by Date: Bug#511496: Please provide taglists grouped by Severity
Next by Date: Bug#315538: setting package to lintian, tagging 315538
Previous by thread: Bug#511496: marked as done ([reporting] provide tag list grouped by severity)
Next by thread: Bug#315538: setting package to lintian, tagging 315538
Index(es):
- Date
- Thread