Bug#886574: Results in false positives when watch file options contain \".
Package: lintian
Version: 2.5.67
Severity: normal
Tags: patch
Hi,
If your watch file options contain escaped double quotes as in the
attached example, Lintian incorrectly emits warnings for
debian-watch-may-check-gpg-signature and debian-watch-could-verify-download.
I have attached a patch which fixes it.
Best regards,
Carlos
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.14.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages lintian depends on:
ii binutils 2.29.1-13
ii bzip2 1.0.6-8.1
ii diffstat 1.61-1+b1
ii dpkg 1.19.0.4
ii file 1:5.32-1
ii gettext 0.19.8.1-4
ii intltool-debian 0.35.0+20060710.4
ii libapt-pkg-perl 0.1.33
ii libarchive-zip-perl 1.60-1
ii libclass-accessor-perl 0.51-1
ii libclone-perl 0.39-1
ii libdpkg-perl 1.19.0.4
ii libemail-valid-perl 1.202-1
ii libfile-basedir-perl 0.07-1
ii libipc-run-perl 0.96-1
ii liblist-moreutils-perl 0.416-1+b3
ii libparse-debianchangelog-perl 1.2.0-12
ii libperl5.26 [libdigest-sha-perl] 5.26.1-3
ii libtext-levenshtein-perl 0.13-1
ii libtimedate-perl 2.3000-2
ii liburi-perl 1.72-2
ii libxml-simple-perl 2.24-1
ii libyaml-libyaml-perl 0.63-2+b2
ii man-db 2.7.6.1-4
ii patchutils 0.3.4-2
ii perl 5.26.1-3
ii t1utils 1.41-2
ii xz-utils 5.2.2-1.3
Versions of packages lintian recommends:
ii libperlio-gzip-perl 0.19-1+b4
Versions of packages lintian suggests:
ii binutils-multiarch 2.29.1-13
ii dpkg-dev 1.19.0.4
ii libhtml-parser-perl 3.72-3+b2
ii libtext-template-perl 1.47-1
-- no debconf information
version=4
opts="pagemangle=s%\"tarball_url\"[^\"]+\"[^\"]+/v@ANY_VERSION@\"%<a href=\"https://github.com/brunonova/@PACKAGE@/releases/download/v$1/@PACKAGE@_$1.tar.xz\">v$1</a>%g, \
pgpsigurlmangle=s%$%.asc%" \
https://api.github.com/repos/brunonova/@PACKAGE@/tags \
(?:.*)/@PACKAGE@@ANY_VERSION@@ARCHIVE_EXT@ debian uupdate
>From dbb334b279c9d183151cdde4c0c2b6cd9008fe28 Mon Sep 17 00:00:00 2001
From: Carlos Maddela <e7appew@gmail.com>
Date: Mon, 8 Jan 2018 05:16:34 +1100
Subject: [PATCH] Prevent false positives when watch file options contain \".
---
checks/watch-file.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/checks/watch-file.pm b/checks/watch-file.pm
index b4aead305..e464cddfd 100644
--- a/checks/watch-file.pm
+++ b/checks/watch-file.pm
@@ -98,7 +98,7 @@ sub run {
$prerelease_mangle, $prerelease_umangle
) = (0, 0, 0, 0);
my ($opts, @opts);
- if ( s/^opt(?:ion)?s=\"([^\"]+)\"\s+//
+ if ( s/^opt(?:ion)?s=\"((?:[^\"]|\\\")+)\"\s+//
|| s/^opt(?:ion)?s=(\S+)\s+//) {
$opts = $1;
@opts = split($watchver >= 4 ? '\s*,\s*' : ',', $opts);
--
2.15.1
Reply to: