[lintian] 01/01: Check that maintainer scripts start with #!. (Closes: #843428)

To: debian-lint-maint@lists.debian.org
Subject: [lintian] 01/01: Check that maintainer scripts start with #!. (Closes: #843428)
From: Chris Lamb <chris@chris-lamb.co.uk>
Date: Sun, 08 Oct 2017 08:19:17 +0000
Message-id: <[🔎] E1e16nt-0002zH-Bd@moszumanska.debian.org>
Reply-to: Chris Lamb <lamby@debian.org>
In-reply-to: <[🔎] 20171008081908.10911.36021@moszumanska.debian.org>
References: <[🔎] 20171008081908.10911.36021@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch maint-scripts-missing-interpreter-843428
in repository lintian.

commit 4c06631753449b6baed1264932d684766597b615
Author: Chris Lamb <lamby@debian.org>
Date:   Thu Jul 20 22:58:44 2017 +0100

    Check that maintainer scripts start with #!. (Closes: #843428)
---
 collection/scripts                                          | 13 +++++++++++--
 debian/changelog                                            |  3 +++
 .../debian/debian/postinst                                  |  9 +++++++++
 .../debian/debian/postrm                                    |  7 +++++++
 .../scripts-does-not-start-with-shebang/debian/debian/rules |  8 ++++++++
 t/tests/scripts-does-not-start-with-shebang/debian/true.c   |  5 +++++
 t/tests/scripts-does-not-start-with-shebang/desc            |  6 ++++++
 t/tests/scripts-does-not-start-with-shebang/tags            |  1 +
 8 files changed, 50 insertions(+), 2 deletions(-)

diff --git a/collection/scripts b/collection/scripts
index 1fabc86..f4b5fa3 100755
--- a/collection/scripts
+++ b/collection/scripts
@@ -69,8 +69,17 @@ sub collect {
     open(my $ctrl_fd, '>', "$dir/control-scripts");
     for my $path ($info->control_index('')->children) {
         next unless $path->is_open_ok;
-        my $scriptpath = shebang_line($path);
-        next unless defined($scriptpath);
+        # Only collect maintainer scripts
+        next unless $path =~ m/^(pre|post)(inst|rm)$/;
+
+        # Allow ELF binaries
+        my $magic;
+        my $fd = $path->open;
+        if (read($fd, $magic, 4)) {
+            next if $magic eq "\x7FELF";
+        }
+        close($fd);
+        my $scriptpath = shebang_line($path) // '';
 
         # Remove everything after the first space (i.e. any options)
         $scriptpath =~ s/\s++ .++ \Z//xsm;
diff --git a/debian/changelog b/debian/changelog
index e549e03..57a0633 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -82,6 +82,9 @@ lintian (2.5.52) UNRELEASED; urgency=medium
     + [CL] Factor out hard-coded list of possible upstream key locations
       to the "common/signing-key-filenames" Lintian::Data resource.
 
+  * collection/scripts:
+    + [CL] Check that maintainer scripts start with #!.  (Closes: #843428)
+
   * commands/lintian.pm:
     + [NT] Attempt to clean up on SIGTERM (like with SIGINT).
     + [CL] Allow the use of suppress-tags=<tag>[,<tag>[,<tag>]] in
diff --git a/t/tests/scripts-does-not-start-with-shebang/debian/debian/postinst b/t/tests/scripts-does-not-start-with-shebang/debian/debian/postinst
new file mode 100644
index 0000000..9438152
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/debian/debian/postinst
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+# This file should not be triggered by script-without-interpreter
+
+set -e
+
+true
+
+#DEBHELPER#
diff --git a/t/tests/scripts-does-not-start-with-shebang/debian/debian/postrm b/t/tests/scripts-does-not-start-with-shebang/debian/debian/postrm
new file mode 100644
index 0000000..5a2a7e7
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/debian/debian/postrm
@@ -0,0 +1,7 @@
+# This file should be triggered by script-without-interpreter
+
+set -e
+
+true
+
+#DEBHELPER#
diff --git a/t/tests/scripts-does-not-start-with-shebang/debian/debian/rules b/t/tests/scripts-does-not-start-with-shebang/debian/debian/rules
new file mode 100755
index 0000000..84ab89a
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/debian/debian/rules
@@ -0,0 +1,8 @@
+#!/usr/bin/make -f
+
+%:
+	dh $@
+
+override_dh_installdeb:
+	dh_installdeb
+	gcc -o debian/$(shell dh_listpackages)/DEBIAN/preinst true.c
diff --git a/t/tests/scripts-does-not-start-with-shebang/debian/true.c b/t/tests/scripts-does-not-start-with-shebang/debian/true.c
new file mode 100644
index 0000000..8479e67
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/debian/true.c
@@ -0,0 +1,5 @@
+int
+main(void)
+{
+    return 0;
+}
diff --git a/t/tests/scripts-does-not-start-with-shebang/desc b/t/tests/scripts-does-not-start-with-shebang/desc
new file mode 100644
index 0000000..f999796
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/desc
@@ -0,0 +1,6 @@
+Testname: scripts-does-not-start-with-shebang
+Type: native
+Version: 1.0
+Description: Check for maintainer scripts that do not start with #!
+Test-For:
+ script-without-interpreter
diff --git a/t/tests/scripts-does-not-start-with-shebang/tags b/t/tests/scripts-does-not-start-with-shebang/tags
new file mode 100644
index 0000000..c93921a
--- /dev/null
+++ b/t/tests/scripts-does-not-start-with-shebang/tags
@@ -0,0 +1 @@
+E: scripts-does-not-start-with-shebang: script-without-interpreter control/postrm

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git

Reply to:

References:
- [lintian] branch maint-scripts-missing-interpreter-843428 created (now 4c06631)
  - From: Chris Lamb <chris@chris-lamb.co.uk>

Prev by Date: [lintian] 01/02: Factor out hard-coded list of possible upstream key locations to the "common/signing-key-filenames" Lintian::Data resource.
Next by Date: [lintian] 02/02: Check for the presence of a signature if an upstream signing key is present. (Closes: #833585)
Previous by thread: [lintian] branch maint-scripts-missing-interpreter-843428 created (now 4c06631)
Next by thread: [lintian] branch new-package-packages-python2-module created (now 51a7a2a)
Index(es):
- Date
- Thread