[SCM] Debian package checker branch, master, updated. 2.5.4-157-g11e471d
The following commit has been merged in the master branch:
commit 11e471d02493c11830f1c3d163d03aaa8941e0b5
Author: Niels Thykier <niels@thykier.net>
Date: Thu Feb 9 16:59:29 2012 +0100
Util: Added clean_env sub to clean %ENV using a whitelist
Signed-off-by: Niels Thykier <niels@thykier.net>
diff --git a/checks/manpages b/checks/manpages
index 59d1757..47f44f2 100644
--- a/checks/manpages
+++ b/checks/manpages
@@ -217,10 +217,8 @@ foreach my $file (@{$info->sorted_index}) {
if (not defined $pid) {
fail("cannot run lexgrog: $!");
} elsif ($pid == 0) {
- my %newenv = (LC_ALL => 'en_US.UTF-8', PATH => $ENV{PATH},
- LOCPATH => $ENV{LOCPATH});
- undef %ENV;
- %ENV = %newenv;
+ clean_env;
+ $ENV{LC_ALL} = 'en_US.UTF-8';
exec "lexgrog \Q$path\E 2>&1"
or fail("cannot run lexgrog: $!");
}
@@ -251,10 +249,9 @@ foreach my $file (@{$info->sorted_index}) {
if (not defined $pid) {
fail("cannot run man -E UTF-8 -l: $!");
} elsif ($pid == 0) {
- my %newenv = (LC_ALL => 'en_US.UTF-8', PATH => $ENV{PATH},
- MANWIDTH => 80, LOCPATH => $ENV{LOCPATH});
- undef %ENV;
- %ENV = %newenv;
+ clean_env;
+ $ENV{LC_ALL} = 'en_US.UTF-8';
+ $ENV{MANWIDTH} = 80;
exec "($cmd >/dev/null) 2>&1"
or fail("cannot run man -E UTF-8 -l: $!");
}
diff --git a/lib/Util.pm b/lib/Util.pm
index 25001bd..ea7beea 100644
--- a/lib/Util.pm
+++ b/lib/Util.pm
@@ -46,6 +46,7 @@ BEGIN {
touch_file
perm2oct
check_path
+ clean_env
resolve_pkg_path);
}
@@ -267,13 +268,11 @@ sub file_is_encoded_in_non_utf8 {
# Just like system, except cleanses the environment first to avoid any strange
# side effects due to the user's environment.
sub system_env {
- my @whitelist = qw(PATH INTLTOOL_EXTRACT LOCPATH);
- my %newenv = map { exists $ENV{$_} ? ($_ => $ENV{$_}) : () } @whitelist;
my $pid = fork;
if (not defined $pid) {
return -1;
} elsif ($pid == 0) {
- %ENV = %newenv;
+ clean_env();
exec @_ or die("exec of $_[0] failed: $!\n");
} else {
waitpid $pid, 0;
@@ -281,6 +280,16 @@ sub system_env {
}
}
+# Destructively clean %ENV - removes all variables from %ENV except
+# those listed as arguments. If called without arguments a default
+# whitelist (including PATH and LOCPATH) will be used) instead.
+sub clean_env {
+ my @whitelist = @_;
+ @whitelist = qw(PATH INTLTOOL_EXTRACT LOCPATH) unless @whitelist;
+ my %newenv = map { exists $ENV{$_} ? ($_ => $ENV{$_}) : () } (@whitelist, @_);
+ %ENV = %newenv;
+}
+
# Translate permission strings like `-rwxrwxrwx' into an octal number.
sub perm2oct {
my ($t) = @_;
--
Debian package checker
Reply to: