[lintian] 01/01: Suppress hardening-{no-relro, no-fortify-functions} for Go binaries.
This is an automated email from the git hooks/post-receive script.
nthykier pushed a commit to branch master
in repository lintian.
commit 81863ecc347985856417ef2c871c3d77375916b4
Author: Michael Stapelberg <stapelberg@debian.org>
Date: Sun Aug 16 09:52:24 2015 +0200
Suppress hardening-{no-relro,no-fortify-functions} for Go binaries.
The Go compiler (gc) does not currently support these features, so do
not warn about them on _every_ binary which is implemented in Go.
Signed-off-by: Niels Thykier <niels@thykier.net>
---
checks/binaries.pm | 5 +++++
debian/changelog | 5 +++++
2 files changed, 10 insertions(+)
diff --git a/checks/binaries.pm b/checks/binaries.pm
index 94197b6..fe02fee 100644
--- a/checks/binaries.pm
+++ b/checks/binaries.pm
@@ -546,6 +546,11 @@ sub run {
if ($flags) {
foreach my $t (@{$info->hardening_info->{$fname}}) {
my $tag = "hardening-$t";
+ # Binaries built by the Go compiler do not support all
+ # hardening measures.
+ next if ($t eq 'no-relro' ||
+ $t eq 'no-fortify-functions') &&
+ $built_with_golang;
tag $tag, $file if $flags->{$tag};
}
}
diff --git a/debian/changelog b/debian/changelog
index 070370a..2e01731 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ lintian (2.5.37) UNRELEASED; urgency=medium
"XXX: generate tag summary"
+ * checks/binaries.pm:
+ + [NT] Apply patch from Michael Stapelberg to ignore
+ "no-relro" and "no-fortify-functions" issues in
+ binaries built by the go compiler, as it does not
+ support these features. (Closes: #795667)
* checks/fields.desc:
+ [JW] Use "an" (instead of "a") before "HTTP".
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: