[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SCM] Debian package checker branch, master, updated. 2.1.3-24-g999c0d7

The following commit has been merged in the master branch:
commit 999c0d75be35930bcaaa1578b191a2ed0bc05680
Author: Russ Allbery <rra@debian.org>
Date:   Mon Dec 29 20:20:50 2008 -0800

    Check for brace expansion in debhelper config files
    
    * checks/debhelper{,.desc}:
      + [RA] Check for use of shell brace expansion in debhelper config
        files that list filenames, which is not supported.  Based on a patch
        from Raphael Geissert.  (Closes: #480939)
    * data/debhelper/filename-config-files:
      + [RA] New file listing debhelper config files containing filenames.

diff --git a/checks/debhelper b/checks/debhelper
index 93186bb..3d6a959 100644
--- a/checks/debhelper
+++ b/checks/debhelper
@@ -31,12 +31,12 @@ use Lintian::Data;
 # create one automatically.  Currently it always uses compatibility level 5.
 # It may be better to look at what version of cdbs the package depends on and
 # from that derive the compatibility level....
-
 my $cdbscompat = 5;
 
 my $maint_commands = Lintian::Data->new ('debhelper/maint_commands');
 my $miscDeps_commands = Lintian::Data->new ('debhelper/miscDepends_commands');
 my $dh_commands_depends = Lintian::Data->new ('debhelper/dh_commands', '=');
+my $filename_configs = Lintian::Data->new ('debhelper/filename-config-files');
 
 # The version at which debhelper commands were introduced.  Packages that use
 # one of these commands must have a dependency on that version of debhelper or
@@ -59,7 +59,7 @@ my $needbuilddepends = '';
 my $needtomodifyscripts = '';
 my $needversiondepends = '';
 my $seenversiondepends = '0';
-my $compat = '';
+my $compat = 0;
 my $usescdbs = '';
 my $seendhpython = '';
 my $usescdbspython = '';
@@ -149,14 +149,35 @@ for my $binpkg (keys %$pkgs) {
 	   and $pkgs->{$binpkg} eq 'deb';
 }
 
-# If we got this far, they need to have #DEBHELPER# in their scripts.  Search
-# for scripts that look like maintainer scripts.  Also collect dependency
-# information from debian/control and check compatibility level.
+# Check the compat file.  Do this separately from looping over all of the
+# other files since we use the compat value when checking for brace expansion.
+if (-f 'debfiles/compat') {
+    $compat = slurp_entire_file('debfiles/compat');
+    $compat =~ s/^\s+$//;
+    if ($compat) {
+	$compat =~ s/\s+$//;
+	if ($needversiondepends) {
+	    tag 'declares-possibly-conflicting-debhelper-compat-versions',
+		"rules=$needversiondepends compat=$compat";
+	} else {
+	    $needversiondepends = $compat;
+	}
+    } else {
+	tag 'debhelper-compat-file-is-empty';
+    }
+}
+
+# Check the files in the debian directory for various debhelper-related
+# things.
 my $bdepends;
 opendir(DEBIAN, 'debfiles')
     or fail("Can't open debfiles directory.");
 while (defined(my $file=readdir(DEBIAN))) {
     if ($file =~ m/^(?:(.*)\.)?(?:post|pre)(?:inst|rm)$/) {
+	next unless $needtomodifyscripts;
+
+	# They need to have #DEBHELPER# in their scripts.  Search for scripts
+	# that look like maintainer scripts and make sure the token is there.
         my $binpkg = $1 || '';
 	open(IN, '<', "debfiles/$file")
 	    or fail("Can't open debfiles/$file: $!");
@@ -168,31 +189,17 @@ while (defined(my $file=readdir(DEBIAN))) {
 	    }
 	}
 	close IN;
-
-	if ((! $seentag) and $needtomodifyscripts) {
+	if (!$seentag) {
 	    unless (($binpkg && exists($pkgs->{$binpkg})
 		     && ($pkgs->{$binpkg} eq 'udeb'))
 		    or (!$binpkg && ($single_pkg eq 'udeb'))) {
 		tag "maintainer-script-lacks-debhelper-token", "debian/$file";
 	    }
 	}
-    } elsif ($file =~ m/^compat$/) {
-	open (IN, '<', "debfiles/$file")
-	    or fail("Can't open debfiles/$file: $!");
-	$compat = <IN>;
-	close IN;
-	if ($compat) {
-	    chomp $compat;
-	    if ($needversiondepends) {
-		tag "declares-possibly-conflicting-debhelper-compat-versions", "rules=$needversiondepends compat=$compat";
-	    } else {
-		$needversiondepends = $compat;
-	    }
-	} else {
-	    tag "debhelper-compat-file-is-empty", "";
-	}
     } elsif ($file =~ m/^control$/) {
         my ($control) = read_dpkg_control("debfiles/$file");
+
+	# Collect dependency information from debian/control.
         $bdepends = '';
         for my $field ('build-depends', 'build-depends-indep') {
             next unless $control->{$field};
@@ -210,6 +217,28 @@ while (defined(my $file=readdir(DEBIAN))) {
 	}
     } elsif ($file =~ m/^ex\.|\.ex$/i) {
         tag "dh-make-template-in-source", "debian/$file";
+    } else {
+	my $base = $file;
+	$base =~ s/^[.]+\.//;
+
+	# Check whether this is a debhelper config file that takes a list of
+	# filenames.  If so, check it for brace expansions, which aren't
+	# supported.
+	if ($filename_configs->known($base)) {
+	    next if $compat < 3;
+	    open (IN, '<', "debfiles/$file")
+		or fail("Can't open debfiles/$file: $!");
+	    local $_;
+	    while (<IN>) {
+		next if /^\s*$/;
+		next if (/^\#/ and $compat >= 5);
+		if (m/(?<!\\)\{(?:[^\s\\\}]+?,)+[^\\\}\s]+\}/) {
+		    tag 'brace-expansion-in-debhelper-config-file',
+			"debian/$file";
+		}
+	    }
+	    close IN;
+	}
     }
 }
 closedir(DEBIAN);
@@ -248,4 +277,8 @@ if ($needversiondepends < 4) {
 
 1;
 
-# vim: syntax=perl
+# Local Variables:
+# indent-tabs-mode: t
+# cperl-indent-level: 4
+# End:
+# vim: syntax=perl sw=4 ts=8 noet shiftround
diff --git a/checks/debhelper.desc b/checks/debhelper.desc
index 2a00357..7f99aac 100644
--- a/checks/debhelper.desc
+++ b/checks/debhelper.desc
@@ -135,3 +135,12 @@ Info: The given debhelper script was introduced in a later version of
  etch was released with debhelper version 5.0.42, so every package that
  assumes a newer version should explicetly declare so for the sake of
  etch backports.
+
+Tag: brace-expansion-in-debhelper-config-file
+Severity: normal
+Certainty: possible
+Info: This debhelper config file appears to use shell brace expansion
+ (such as <tt>{foo,bar}</tt>) to specify files.  This happens to work due
+ to an accident of implementation but is not a supported feature.  Only
+ <tt>?</tt>, <tt>*</tt>, and <tt>[...]</tt> are supported.
+Ref: debhelper(1)
diff --git a/data/debhelper/filename-config-files b/data/debhelper/filename-config-files
new file mode 100644
index 0000000..ff58d02
--- /dev/null
+++ b/data/debhelper/filename-config-files
@@ -0,0 +1,13 @@
+# This is a list of known debhelper config files which consist of a list
+# of filenames.  It's used for tests that look for problems in debhelper
+# processing of file names, such as using glob characters that aren't
+# guaranteed to work.
+
+dirs
+docs
+examples
+info
+install
+manpages
+sgmlcatalogs
+wm
diff --git a/debian/changelog b/debian/changelog
index e719819..c7b0f3e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ lintian (2.1.4) UNRELEASED; urgency=low
 
   * Summary of tag changes:
     + Added
+      - brace-expansion-in-debhelper-config-file
       - control-interpreter-in-usr-local (split from
          interpreter-in-usr-local)
       - control-interpreter-without-depends
@@ -19,6 +20,10 @@ lintian (2.1.4) UNRELEASED; urgency=low
     + [RA] Warn (severity: wishlist) about the old dh_make packaging
       copyright, which used (C) without the word or symbol.  Based on a
       patch by Raphael Geissert.  (Closes: #497347)
+  * checks/debhelper{,.desc}:
+    + [RA] Check for use of shell brace expansion in debhelper config
+      files that list filenames, which is not supported.  Based on a patch
+      from Raphael Geissert.  (Closes: #480939)
   * checks/menu-format{,.desc}:
     + [RA] If a *.desktop file contains a MimeType key, check that the
       postinst calls update-desktop-database.  (Closes: #488832)
@@ -45,6 +50,9 @@ lintian (2.1.4) UNRELEASED; urgency=low
     + [RA] New check-tag target which runs all test cases in the new test
       suite that check for or against a particular tag.
 
+  * data/debhelper/filename-config-files:
+    + [RA] New file listing debhelper config files containing filenames.
+
   * frontend/lintian:
     + [RA] When processing the entire archive, do so in sorted order.
 
diff --git a/t/tests/6000_debhelper-brace-expansion.desc b/t/tests/6000_debhelper-brace-expansion.desc
new file mode 100644
index 0000000..269bd5b
--- /dev/null
+++ b/t/tests/6000_debhelper-brace-expansion.desc
@@ -0,0 +1,5 @@
+Testname: debhelper-brace-expansion
+Version: 1.0
+Description: Check for brace expansion in debhelper config files
+Test-For: brace-expansion-in-debhelper-config-file
+References: Debian Bug#480939
diff --git a/t/tests/debhelper-brace-expansion/debian/debian/install b/t/tests/debhelper-brace-expansion/debian/debian/install
new file mode 100644
index 0000000..c0a7ccb
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/debian/debian/install
@@ -0,0 +1 @@
+{foo,bar}.txt usr/share/debhelper
diff --git a/t/tests/debhelper-brace-expansion/debian/debian/rules b/t/tests/debhelper-brace-expansion/debian/debian/rules
new file mode 100755
index 0000000..737231b
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/debian/debian/rules
@@ -0,0 +1,9 @@
+#!/usr/bin/make -f
+%:
+	dh $@
+
+# Skip dh_install since there are braces in the install configuration file and
+# it would error out on at least some systems.
+binary:
+	dh binary --before dh_install
+	dh binary --after dh_install
diff --git a/t/tests/debhelper-brace-expansion/tags b/t/tests/debhelper-brace-expansion/tags
new file mode 100644
index 0000000..df8a49c
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/tags
@@ -0,0 +1 @@
+W: debhelper-brace-expansion source: brace-expansion-in-debhelper-config-file debian/install

-- 
Debian package checker
Reply to: