[lintian] 01/01: c/binaries: Handle RUNPATH like RPATH
This is an automated email from the git hooks/post-receive script.
nthykier pushed a commit to branch master
in repository lintian.
commit 4c8f32916207b41702213f2b9c2dd14630b6a090
Author: Niels Thykier <niels@thykier.net>
Date: Tue Nov 29 20:37:37 2016 +0000
c/binaries: Handle RUNPATH like RPATH
From a quick glance, RUNPATH is still uncessary for binaries installed
in the standard library search path. Therefore we will handle RUNPATH
like RPATH for now.
Signed-off-by: Niels Thykier <niels@thykier.net>
---
checks/binaries.desc | 21 +++++++++++----------
checks/binaries.pm | 9 ++++-----
collection/objdump-info.desc | 2 +-
debian/changelog | 11 +++++++++++
helpers/coll/objdump-info-helper | 2 +-
lib/Lintian/Collect/Binary.pm | 2 +-
6 files changed, 29 insertions(+), 18 deletions(-)
diff --git a/checks/binaries.desc b/checks/binaries.desc
index 7adeefe..c3f9d85 100644
--- a/checks/binaries.desc
+++ b/checks/binaries.desc
@@ -68,16 +68,17 @@ Tag: binary-or-shlib-defines-rpath
Severity: serious
Certainty: possible
Ref: https://wiki.debian.org/RpathIssue
-Info: The binary or shared library sets RPATH. This overrides the normal
- library search path, possibly interfering with local policy and causing
- problems for multilib, among other issues.
- .
- The only time a binary or shared library in a Debian package should set
- RPATH is if it is linked to private shared libraries in the same package.
- In that case, place those private shared libraries in
- <tt>/usr/lib/<i>package</i></tt>. Libraries used by binaries in other
- packages should be placed in <tt>/lib</tt> or <tt>/usr/lib</tt> as
- appropriate, with a proper SONAME, in which case RPATH is unnecessary.
+Info: The binary or shared library sets RPATH or RUNPATH. This
+ overrides the normal library search path, possibly interfering with
+ local policy and causing problems for multilib, among other issues.
+ .
+ The only time a binary or shared library in a Debian package should
+ set RPATH or RUNPATH is if it is linked to private shared libraries
+ in the same package. In that case, place those private shared
+ libraries in <tt>/usr/lib/<i>package</i></tt>. Libraries used by
+ binaries in other packages should be placed in <tt>/lib</tt> or
+ <tt>/usr/lib</tt> as appropriate, with a proper SONAME, in which case
+ RPATH/RUNPATH is unnecessary.
.
To fix this problem, look for link lines like:
gcc test.o -o test -Wl,--rpath,/usr/local/lib
diff --git a/checks/binaries.pm b/checks/binaries.pm
index 30c9095..50545a5 100644
--- a/checks/binaries.pm
+++ b/checks/binaries.pm
@@ -416,7 +416,7 @@ sub run {
}
# rpath is disallowed, except in private directories
- if (exists $objdump->{RPATH}) {
+ if (exists($objdump->{RPATH}) or exists($objdump->{RUNPATH})) {
if (not %directories) {
for my $file ($info->sorted_index) {
my $name;
@@ -426,11 +426,10 @@ sub run {
$directories{"/$name"}++;
}
}
+ my @rpaths
+ = (keys(%{$objdump->{RPATH}}),keys(%{$objdump->{RUNPATH}}),);
- foreach my $rpath (
- map {File::Spec->canonpath($_)}
- keys %{$objdump->{RPATH}}
- ) {
+ foreach my $rpath (map {File::Spec->canonpath($_)}@rpaths) {
next
if $rpath
=~ m,^/usr/lib/(?:$madir/)?(?:games/)?(?:\Q$pkg\E|\Q$srcpkg\E)(?:/|\z),;
diff --git a/collection/objdump-info.desc b/collection/objdump-info.desc
index cb64e9a..db3993f 100644
--- a/collection/objdump-info.desc
+++ b/collection/objdump-info.desc
@@ -3,6 +3,6 @@ Author: Christian Schwarz <schwarz@debian.org>
Info: This script runs objdump(1) over all binaries and object files of a
binary package.
Type: binary, udeb
-Version: 5
+Version: 6
Needs-Info: file-info, unpacked
Interface: perl-coll
diff --git a/debian/changelog b/debian/changelog
index eeeaef0..545c162 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ lintian (2.5.50) UNRELEASED; urgency=medium
XXX: generate tag summary with private/generate-tag-summary
+ * checks/binaries.{desc,pm}:
+ + [NT] Handle RUNPATH like we handle RPATH. (Closes: #844903)
* checks/cruft.desc:
+ [BR] Detect utf convert non free code.
(Closes: #843595)
@@ -13,6 +15,9 @@ lintian (2.5.50) UNRELEASED; urgency=medium
"Allow debhelper "--with" addons to be quoted".
(Closes: #839822)
+ * collection/objdump-info.desc:
+ + [NT] Bump version due to RUNPATH collection.
+
* data/binaries/embedded-libs:
+ [BR] Allow openssl1.0 as source package. (Closes: #843406).
* data/spelling/corrections:
@@ -20,6 +25,12 @@ lintian (2.5.50) UNRELEASED; urgency=medium
* data/files/privacy-breaker-websites:
+ [BR] Detect more logos.
+ * helpers/coll/objdump-info-helper:
+ + [NT] Extract RUNPATH from binaries as well.
+
+ * lib/Lintian/Collect/Binary.pm:
+ + [NT] Expose RUNPATH when set in the binary.
+
-- Niels Thykier <niels@thykier.net> Wed, 26 Oct 2016 20:42:18 +0000
lintian (2.5.49) unstable; urgency=medium
diff --git a/helpers/coll/objdump-info-helper b/helpers/coll/objdump-info-helper
index b738e6f..036b065 100755
--- a/helpers/coll/objdump-info-helper
+++ b/helpers/coll/objdump-info-helper
@@ -169,7 +169,7 @@ while (my $line = <$readelf>) {
my ($type, $value) = ($1, $2);
my $keep = 0;
- if ($type eq 'RPATH') {
+ if ($type eq 'RPATH' or $type eq 'RUNPATH') {
$value =~ s/.*\[//;
$value =~ s/\]\s*$//;
$keep = 1;
diff --git a/lib/Lintian/Collect/Binary.pm b/lib/Lintian/Collect/Binary.pm
index 075e5bf..e2c8afd 100644
--- a/lib/Lintian/Collect/Binary.pm
+++ b/lib/Lintian/Collect/Binary.pm
@@ -417,7 +417,7 @@ sub objdump_info {
next unless $data;
# Here we just need RPATH and NEEDS, so ignore the rest for now
my ($header, $val) = split(m/\s++/, $data, 2);
- if ($header eq 'RPATH') {
+ if ($header eq 'RPATH' or $header eq 'RUNPATH') {
# RPATH is like PATH
foreach my $rpathcomponent (split(m/:/,$val)) {
$info{$header}{$rpathcomponent} = 1;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: