[SCM] Debian package checker branch, master, updated. 2.5.2-132-g9faa8c3

To: debian-lint-maint@lists.debian.org
Subject: [SCM] Debian package checker branch, master, updated. 2.5.2-132-g9faa8c3
From: "Niels Thykier" <niels@thykier.net>
Date: Sat, 10 Sep 2011 10:12:07 +0000
Message-id: <[🔎] E1R2KXf-0001sS-7F@vasks.debian.org>

The following commit has been merged in the master branch:
commit 96505a73697cc46a5d5aefcbe6f11ddbd8e3b3fe
Author: Niels Thykier <niels@thykier.net>
Date:   Wed Aug 17 15:30:33 2011 +0200

    Skip conffiles check if conffiles is a symlink
    
    No normal package uses a symlink in the control.tar.gz and in
    this case, the "extra" info for the tags can more or less get
    you a dump of an arbitrary file on the host file system.

diff --git a/checks/conffiles b/checks/conffiles
index fe1ace7..eefb780 100644
--- a/checks/conffiles
+++ b/checks/conffiles
@@ -37,6 +37,10 @@ my $cf = $info->control('conffiles');
 
 my %conffiles = ();
 
+# Stop if conffiles is a link; no real package uses links in
+# control.tar.gz.
+return if -l $cf;
+
 if (-f $cf) {
 
     open(IN, '<', $cf) or fail("cannot open $cf for reading: $!");
diff --git a/debian/changelog b/debian/changelog
index e4faa6f..d8155bf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -53,6 +53,8 @@ lintian (2.5.3) UNRELEASED; urgency=low
       changelog.
   * checks/{conffile,etcfiles}{,.desc}:
     + [JW] Merged etcfiles into conffile.  (Closes: #637590)
+  * checks/conffile:
+    + [NT] Skip all checks if "conffiles" is a symlink.
   * checks/copyright-file{,.desc}:
     + [JW] Check for CRLF line endings in copyright files.
       (Closes: #634191)
diff --git a/t/debs/control-files-traversal/Makefile b/t/debs/control-files-traversal/Makefile
new file mode 100644
index 0000000..69d4399
--- /dev/null
+++ b/t/debs/control-files-traversal/Makefile
@@ -0,0 +1,9 @@
+name = control-files-traversal
+
+all:
+	ln -s ../md5sums conffiles
+	create-deb -o $(name).deb conffiles control
+
+clean:
+	rm -f *.tar.gz *.deb md5sums debian-binary
+	rm -rf root/
diff --git a/t/debs/control-files-traversal/desc b/t/debs/control-files-traversal/desc
new file mode 100644
index 0000000..60dc3e1
--- /dev/null
+++ b/t/debs/control-files-traversal/desc
@@ -0,0 +1,5 @@
+Testname: control-files-traversal
+Sequence: 6000
+Version: 1.0
+Description: Test for bad owner of control files
+Options: -C conffiles,md5sums -IE
diff --git a/t/debs/deb-format-record-size/tags b/t/debs/control-files-traversal/tags
similarity index 100%
copy from t/debs/deb-format-record-size/tags
copy to t/debs/control-files-traversal/tags

-- 
Debian package checker

Reply to:

Prev by Date: Re: Fixing indentation in our source files
Next by Date: [SCM] Debian package checker branch, master, updated. 2.5.2-132-g9faa8c3
Previous by thread: [SCM] Debian package checker branch, master, updated. 2.5.2-129-g8bd7c93
Next by thread: [SCM] Debian package checker branch, master, updated. 2.5.2-132-g9faa8c3
Index(es):
- Date
- Thread