
[SCM] Debian package checker branch, master, updated. 2.5.12-41-g02367f5



The following commit has been merged in the master branch:
commit 02367f508bcbb61b12560926bb29c04e50c94671
Author: Niels Thykier <niels@thykier.net>
Date:   Thu Apr 25 23:37:15 2013 +0200

    c/cruft: Flag all absolute symlinks in source pkgs as unsafe
    
    Signed-off-by: Niels Thykier <niels@thykier.net>

diff --git a/checks/cruft b/checks/cruft
index 07a097f..bc9f381 100644
--- a/checks/cruft
+++ b/checks/cruft
@@ -359,7 +359,11 @@ sub find_cruft {
     if (-l) {
         my $target = readlink($_);
         my $dirname = dirname($_);
-        my $normalized = normalize_pkg_path($dirname, $target);
+        my $normalized;
+        # If it is an absolute link, it escapes the root by default
+        if ($target !~ m{\A / }xsm) {
+            $normalized = normalize_pkg_path($dirname, $target);
+        }
         if (not defined($normalized)) {
             # skip unsafe symlinks too
             tag 'source-contains-unsafe-symlink', $_;
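
Review bot: The absolute-link case in the new "if ($target !~ m{\A / }xsm)" block is signalled only by leaving $normalized undefined, so it falls into the same "not defined($normalized)" branch as a link for which normalize_pkg_path returns nothing, and the reason for the tag is implicit. Consider stating on the "my $normalized;" declaration that undef means "unsafe", or tagging directly in an else branch so the two cases are visibly separate. The commit touches only checks/cruft, checks/cruft.desc and debian/changelog, so nothing here exercises an absolute symlink in a source package; a test case with one would pin the new behaviour.
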
diff --git a/checks/cruft.desc b/checks/cruft.desc
index 4c0c7db..184215f 100644
--- a/checks/cruft.desc
+++ b/checks/cruft.desc
@@ -514,7 +514,9 @@ Tag: source-contains-unsafe-symlink
 Severity: serious
 Certainty: possible
 Info: The source contains an unsafe symlink.  If followed, the link
- will escape the source root.
+ will escape the source root.  Note that all absolute symlinks are
+ unconditionally considered "unsafe" in this case (unlike in binary
+ packages).
  .
  If it is a part of the package's testsuite, Lintian may have failed
  to recognise it as a test.  In that case, please override the tag.
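
Review bot: The added sentence says absolute symlinks are unsafe "in this case", which leaves the reader to work out that the case meant is source packages; the first sentence of Info only says "The source contains an unsafe symlink". Suggest wording it as "all absolute symlinks in source packages are unconditionally considered unsafe (unlike in binary packages)". The following paragraph still advises overriding the tag for test suites, so it would help to say whether that advice also applies to an absolute link.
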
diff --git a/debian/changelog b/debian/changelog
index f880bf1..5d079b8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -21,10 +21,12 @@ lintian (2.5.13) UNRELEASED; urgency=low
       not have triggered that tag.
     + [NT] Test that all paths listed in the "conffiles" control
       file is actually in the package being tested.
-  * checks/cruft.desc:
+  * checks/cruft{,.desc}:
     + [JW] Correct the name of the architecture listed in
       description of the tag outdated-autotools-helper-file.
       (Closes: #706166)
+    + [NT] Flag all absolute symlinks in source packages as
+      "unsafe".  (Closes: #697164)
   * checks/description:
     + [NT] Skip extended-description-is-probably-too-short
       for -dbg packages.  Thanks to Paul Wise for the suggestion.
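
Review bot: Widening the heading to "checks/cruft{,.desc}" also places the existing [JW] entry under checks/cruft, although that entry describes a correction to a tag description only. If the changelog is meant to record which file each change touched, keep "checks/cruft.desc:" for the [JW] item and add the [NT] item under its own "checks/cruft{,.desc}:" heading.
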

-- 
Debian package checker

