[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[lintian] 01/09: Use Lintian::Data for detection of bad maintainer script command

This is an automated email from the git hooks/post-receive script.

broucaries-guest pushed a commit to branch master
in repository lintian.

commit 2e93699715cd7c71efacdbf30c3cf0ea0c5a0b26
Author: Bastien ROUCARIÈS <roucaries.bastien@gmail.com>
Date:   Sat Dec 7 13:36:11 2013 +0100

    Use Lintian::Data for detection of bad maintainer script command
    
    Use a new file Lintian::Data for detecting bad regexp in
    maintainer script
---
 checks/scripts.pm                          | 25 ++++++++++++++-----------
 data/scripts/maintainer-script-bad-command | 11 +++++++++++
 debian/changelog                           |  2 ++
 t/tests/scripts-maintainer-general/tags    |  2 +-
 4 files changed, 28 insertions(+), 12 deletions(-)

diff --git a/checks/scripts.pm b/checks/scripts.pm
index 56ffad1..dd99233 100644
--- a/checks/scripts.pm
+++ b/checks/scripts.pm
@@ -81,6 +81,11 @@ my $VERSIONED_INTERPRETERS
   = Lintian::Data->new('scripts/versioned-interpreters',
     qr/\s*=\>\s*/o,\&_parse_versioned_interpreters);
 
+#forbidden command in maintenair scripts
+my $BAD_MAINT_CMD = Lintian::Data->new('scripts/maintainer-script-bad-command', 
+    qr/\s*\~\~/,
+    sub { return qr/$_[1]/ism });
+
 # Any of the following packages can satisfy an update-inetd dependency.
 my $update_inetd = join(
     ' | ', qw(update-inetd inet-superserver openbsd-inetd
@@ -795,9 +800,11 @@ sub run {
                       ) {
                         tag 'deprecated-chown-usage', "$file:$. \'$1\'";
                     }
+
                     if (/invoke-rc.d.*\|\| exit 0/) {
                         tag 'maintainer-script-hides-init-failure', "$file:$.";
                     }
+
                     if (m,/usr/share/debconf/confmodule,) {
                         $saw_debconf = 1;
                     }
@@ -888,9 +895,6 @@ sub run {
                     }
                 }
             }
-            if (m,\bsuidregister\b,) {
-                tag 'suidregister-used-in-maintainer-script', $file;
-            }
             if ($file eq 'postrm') {
                 if (m,update\-alternatives \-\-remove,) {
                     tag 'update-alternatives-remove-called-in-postrm';
@@ -920,20 +924,19 @@ sub run {
                     }
                 }
             }
-            if (m,update\-alternatives \-\-(?:set|set\-selections|config),) {
-                tag 'update-alternatives-set-called-in-maintainer-script', "$file:$.";
-            }
-            if (m,\bgconftool(?:-2)?(?:\s|\Z),) {
-                tag 'gconftool-used-in-maintainer-script', "$file:$.";
+            # try generic bad maintainer script command tagging
+            foreach my $bad_cmd_tag ($BAD_MAINT_CMD->all) {
+                my $regex = $BAD_MAINT_CMD->value($bad_cmd_tag);
+                if (m{$regex}) {
+                    tag $bad_cmd_tag, "$file:$.";
+                }
             }
+
             if (m,\binstall-sgmlcatalog\b,
                 && !(m,--remove, && ($file eq 'prerm' || $file eq 'postinst')))
             {
                 tag 'install-sgmlcatalog-deprecated', "$file:$.";
             }
-            if (m,\binstall-info\b,) {
-                tag 'install-info-used-in-maintainer-script', "$file:$.";
-            }
             if (   m,/var/lib/dpkg/status\b,
                 && $pkg ne 'base-files'
                 && $pkg ne 'dpkg') {
diff --git a/data/scripts/maintainer-script-bad-command b/data/scripts/maintainer-script-bad-command
new file mode 100644
index 0000000..70cb903
--- /dev/null
+++ b/data/scripts/maintainer-script-bad-command
@@ -0,0 +1,11 @@
+# complain (tag) when we encounters some commands on maintainer script
+# format is:
+# tag~~regexp
+# 
+# Please alpha sort
+gconftool-used-in-maintainer-script                 ~~\bgconftool(?:-2)?(?:\s|\Z)
+install-info-used-in-maintainer-script              ~~\binstall-info\b
+update-alternatives-set-called-in-maintainer-script ~~\bupdate\-alternatives\s+\-\-(?:set|set\-selections|config)\b
+suidregister-used-in-maintainer-script              ~~\bsuidregister\b
+
+
diff --git a/debian/changelog b/debian/changelog
index 2e1fa7e..3ab39ab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -17,6 +17,8 @@ lintian (2.5.20) UNRELEASED; urgency=low
   * checks/scripts.{desc,pm}:
     + [BR] Detect update-alternatives --set in maintainer scripts.
       (Closes: #643602).
+    + [BR] Use Lintian::Data for bad shell construction in maintainer
+      scripts.
   * checks/watch.{desc,pm}:
     + [BR] Detect lack of uscan support for gpg signature.
       (Closes: #711553).
diff --git a/t/tests/scripts-maintainer-general/tags b/t/tests/scripts-maintainer-general/tags
index 006f093..a83b2c0 100644
--- a/t/tests/scripts-maintainer-general/tags
+++ b/t/tests/scripts-maintainer-general/tags
@@ -10,7 +10,7 @@ E: scripts-maintainer-general: maintainer-script-uses-dpkg-status-directly posti
 E: scripts-maintainer-general: maintainer-shell-script-fails-syntax-check prerm
 E: scripts-maintainer-general: mknod-in-maintainer-script postinst:125
 E: scripts-maintainer-general: read-in-maintainer-script postinst:10
-E: scripts-maintainer-general: suidregister-used-in-maintainer-script postinst
+E: scripts-maintainer-general: suidregister-used-in-maintainer-script postinst:101
 W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:117 /usr/bin/foo
 W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:118 /usr/bin/foo
 W: scripts-maintainer-general: command-with-path-in-maintainer-script postinst:91 /usr/bin/baz

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: