[lintian] 01/04: checks/shared-libs: Exclude PIEs from shared library checks

To: debian-lint-maint@lists.debian.org
Subject: [lintian] 01/04: checks/shared-libs: Exclude PIEs from shared library checks
From: Jakub Wilk <jwilk@moszumanska.debian.org>
Date: Fri, 21 Oct 2016 17:08:31 +0000
Message-id: <[🔎] E1bxdJ1-0003I4-Ov@moszumanska.debian.org>
Reply-to: Jakub Wilk <jwilk@debian.org>
In-reply-to: <[🔎] 20161021170821.12544.18290@moszumanska.debian.org>
References: <[🔎] 20161021170821.12544.18290@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

jwilk pushed a commit to branch master
in repository lintian.

commit 492dc0d123840dbe4b22ce698bde69c2aa847688
Author: Jakub Wilk <jwilk@debian.org>
Date:   Thu Oct 20 19:31:28 2016 +0200

    checks/shared-libs: Exclude PIEs from shared library checks
    
    According to glibc upstream[*], DT_DEBUG can be used to distinguish
    normal shared libraries from position-independent executables. To be
    extra sure, we skip only those PIEs that have executable bit set and
    don't have a .so extension.
    
    [*] https://sourceware.org/ml/libc-alpha/2015-03/msg00605.html
---
 checks/shared-libs.pm                                 |  8 +++++++-
 debian/changelog                                      |  3 +++
 helpers/coll/objdump-info-helper                      |  2 +-
 lib/Lintian/Collect/Binary.pm                         |  2 +-
 t/tests/shared-libs-missing-soname/debian/Makefile    | 19 +++++++++++++++++++
 t/tests/shared-libs-missing-soname/debian/code.c      | 10 ++++++++++
 .../debian/debian/control.in                          | 14 ++++++++++++++
 t/tests/shared-libs-missing-soname/debian/main.c      |  4 ++++
 t/tests/shared-libs-missing-soname/desc               |  6 ++++++
 t/tests/shared-libs-missing-soname/tags               |  1 +
 10 files changed, 66 insertions(+), 3 deletions(-)

diff --git a/checks/shared-libs.pm b/checks/shared-libs.pm
index 00d019e..93dfbed 100644
--- a/checks/shared-libs.pm
+++ b/checks/shared-libs.pm
@@ -77,7 +77,13 @@ sub run {
         next if not $file->is_file;
         my $fileinfo = $file->file_info;
         if ($fileinfo =~ m/^[^,]*\bELF\b/ && $fileinfo =~ m/shared object/) {
-            $sharedobject{$file} = 1;
+            my $perm = $file->operm;
+            my $debug = defined $objdump->{$file}{DEBUG};
+            if ($debug and $perm & 0111 and $file !~ m/\.so(?:\.|$)/) {
+                # position-independent executable
+            } else {
+                $sharedobject{$file} = 1;
+            }
         }
     }
 
diff --git a/debian/changelog b/debian/changelog
index b4bbd53..7b8e841 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,9 @@ lintian (2.5.49) UNRELEASED; urgency=medium
   * checks/shared-libs.pm:
     + [JW] Don't complain about executable bit for ld.so shipped in
       multi-arch directories.
+    + [JW] Don't complain about missing SONAME for position-independent
+      executables.  Thanks to Reuben Thomas for the bug report.
+      (Closes: #731987)
   * checks/source-copyright.pm:
     + [RA, JW] Fix handling punctuation characters in license expressions
       in machine-readable copyright files.  (Closes: #841356)
diff --git a/helpers/coll/objdump-info-helper b/helpers/coll/objdump-info-helper
index 0690cb6..b738e6f 100755
--- a/helpers/coll/objdump-info-helper
+++ b/helpers/coll/objdump-info-helper
@@ -173,7 +173,7 @@ while (my $line = <$readelf>) {
             $value =~ s/.*\[//;
             $value =~ s/\]\s*$//;
             $keep = 1;
-        } elsif ($type eq 'TEXTREL') {
+        } elsif ($type eq 'TEXTREL' or $type eq 'DEBUG') {
             $keep = 1;
         } elsif ($type eq 'FLAGS_1') {
             # Will contain "NOW" if the binary was built with -Wl,-z,now
diff --git a/lib/Lintian/Collect/Binary.pm b/lib/Lintian/Collect/Binary.pm
index a351575..075e5bf 100644
--- a/lib/Lintian/Collect/Binary.pm
+++ b/lib/Lintian/Collect/Binary.pm
@@ -424,7 +424,7 @@ sub objdump_info {
                 }
             } elsif ($header eq 'NEEDED' or $header eq 'SONAME') {
                 push @{ $info{$header} }, $val;
-            } elsif ($header eq 'TEXTREL') {
+            } elsif ($header eq 'TEXTREL' or $header eq 'DEBUG') {
                 $info{$header} = 1;
             } elsif ($header eq 'FLAGS_1') {
                 for my $flag (split(m/\s++/, $val)) {
diff --git a/t/tests/shared-libs-missing-soname/debian/Makefile b/t/tests/shared-libs-missing-soname/debian/Makefile
new file mode 100644
index 0000000..2c8bd5e
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/debian/Makefile
@@ -0,0 +1,19 @@
+CFLAGS += -fPIC
+
+all: libhallo.so hallohelper
+
+libhallo.so: code.o
+	$(LINK.c) -o $@ -shared $^ -lc
+
+hallohelper: main.o
+	$(LINK.c) -o $@ -pie $^ -lc
+
+clean:
+	rm -f *.a *.o *.so *helper
+
+install: all
+	install -m 0755 -d $(DESTDIR)/usr/lib
+	install -m 0644 *.so $(DESTDIR)/usr/lib
+	install -m 0755 *helper $(DESTDIR)/usr/lib
+
+.PHONY: install clean
diff --git a/t/tests/shared-libs-missing-soname/debian/code.c b/t/tests/shared-libs-missing-soname/debian/code.c
new file mode 100644
index 0000000..65887f3
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/debian/code.c
@@ -0,0 +1,10 @@
+#include <stdlib.h>
+#include <math.h>
+
+double e(void (*f)(char *)){
+  char tmp[10];
+  double x;
+  f(tmp);
+  x = atof(tmp);
+  return exp(x);
+}
diff --git a/t/tests/shared-libs-missing-soname/debian/debian/control.in b/t/tests/shared-libs-missing-soname/debian/debian/control.in
new file mode 100644
index 0000000..a1b78c3
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/debian/debian/control.in
@@ -0,0 +1,14 @@
+Source: {$source}
+Priority: extra
+Section: libs
+Maintainer: {$author}
+Standards-Version: {$standards_version}
+Build-Depends: {$build_depends}
+
+Package: libhallo1
+Architecture: any
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: {$description}
+ This is a test package designed to exercise some feature or tag of
+ Lintian.  It is part of the Lintian test suite and may do very odd
+ things.  It should not be installed like a regular package.
diff --git a/t/tests/shared-libs-missing-soname/debian/main.c b/t/tests/shared-libs-missing-soname/debian/main.c
new file mode 100644
index 0000000..832667c
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/debian/main.c
@@ -0,0 +1,4 @@
+int main(int argc, char **argv)
+{
+  return 42;
+}
diff --git a/t/tests/shared-libs-missing-soname/desc b/t/tests/shared-libs-missing-soname/desc
new file mode 100644
index 0000000..026cf7b
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/desc
@@ -0,0 +1,6 @@
+Testname: shared-libs-missing-soname
+Version: 1.0
+Test-Depends: debhelper (>= 9.20151004~)
+Description: Test for shlib without SONAME
+Test-For:
+ sharedobject-in-library-directory-missing-soname
diff --git a/t/tests/shared-libs-missing-soname/tags b/t/tests/shared-libs-missing-soname/tags
new file mode 100644
index 0000000..9bdfed9
--- /dev/null
+++ b/t/tests/shared-libs-missing-soname/tags
@@ -0,0 +1 @@
+E: libhallo1: sharedobject-in-library-directory-missing-soname usr/lib/libhallo.so

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git

Reply to:

References:
- [lintian] branch master updated (75298b6 -> 9832536)
  - From: Jakub Wilk <jwilk@moszumanska.debian.org>

Prev by Date: [lintian] 04/04: spelling: Add more corrections
Next by Date: Processed: limit source to lintian, tagging 731987
Previous by thread: [lintian] 04/04: spelling: Add more corrections
Next by thread: Build failed in Jenkins: lintian-tests_sid #1366
Index(es):
- Date
- Thread