[SCM] Debian package checker branch, master, updated. 2.1.3-24-g999c0d7
The following commit has been merged in the master branch:
commit 999c0d75be35930bcaaa1578b191a2ed0bc05680
Author: Russ Allbery <rra@debian.org>
Date: Mon Dec 29 20:20:50 2008 -0800
Check for brace expansion in debhelper config files
* checks/debhelper{,.desc}:
+ [RA] Check for use of shell brace expansion in debhelper config
files that list filenames, which is not supported. Based on a patch
from Raphael Geissert. (Closes: #480939)
* data/debhelper/filename-config-files:
+ [RA] New file listing debhelper config files containing filenames.
diff --git a/checks/debhelper b/checks/debhelper
index 93186bb..3d6a959 100644
--- a/checks/debhelper
+++ b/checks/debhelper
@@ -31,12 +31,12 @@ use Lintian::Data;
# create one automatically. Currently it always uses compatibility level 5.
# It may be better to look at what version of cdbs the package depends on and
# from that derive the compatibility level....
-
my $cdbscompat = 5;
my $maint_commands = Lintian::Data->new ('debhelper/maint_commands');
my $miscDeps_commands = Lintian::Data->new ('debhelper/miscDepends_commands');
my $dh_commands_depends = Lintian::Data->new ('debhelper/dh_commands', '=');
+my $filename_configs = Lintian::Data->new ('debhelper/filename-config-files');
# The version at which debhelper commands were introduced. Packages that use
# one of these commands must have a dependency on that version of debhelper or
@@ -59,7 +59,7 @@ my $needbuilddepends = '';
my $needtomodifyscripts = '';
my $needversiondepends = '';
my $seenversiondepends = '0';
-my $compat = '';
+my $compat = 0;
my $usescdbs = '';
my $seendhpython = '';
my $usescdbspython = '';
@@ -149,14 +149,35 @@ for my $binpkg (keys %$pkgs) {
and $pkgs->{$binpkg} eq 'deb';
}
-# If we got this far, they need to have #DEBHELPER# in their scripts. Search
-# for scripts that look like maintainer scripts. Also collect dependency
-# information from debian/control and check compatibility level.
+# Check the compat file. Do this separately from looping over all of the
+# other files since we use the compat value when checking for brace expansion.
+if (-f 'debfiles/compat') {
+ $compat = slurp_entire_file('debfiles/compat');
+ $compat =~ s/^\s+$//;
+ if ($compat) {
+ $compat =~ s/\s+$//;
+ if ($needversiondepends) {
+ tag 'declares-possibly-conflicting-debhelper-compat-versions',
+ "rules=$needversiondepends compat=$compat";
+ } else {
+ $needversiondepends = $compat;
+ }
+ } else {
+ tag 'debhelper-compat-file-is-empty';
+ }
+}
+
+# Check the files in the debian directory for various debhelper-related
+# things.
my $bdepends;
opendir(DEBIAN, 'debfiles')
or fail("Can't open debfiles directory.");
while (defined(my $file=readdir(DEBIAN))) {
if ($file =~ m/^(?:(.*)\.)?(?:post|pre)(?:inst|rm)$/) {
+ next unless $needtomodifyscripts;
+
+ # They need to have #DEBHELPER# in their scripts. Search for scripts
+ # that look like maintainer scripts and make sure the token is there.
my $binpkg = $1 || '';
open(IN, '<', "debfiles/$file")
or fail("Can't open debfiles/$file: $!");
@@ -168,31 +189,17 @@ while (defined(my $file=readdir(DEBIAN))) {
}
}
close IN;
-
- if ((! $seentag) and $needtomodifyscripts) {
+ if (!$seentag) {
unless (($binpkg && exists($pkgs->{$binpkg})
&& ($pkgs->{$binpkg} eq 'udeb'))
or (!$binpkg && ($single_pkg eq 'udeb'))) {
tag "maintainer-script-lacks-debhelper-token", "debian/$file";
}
}
- } elsif ($file =~ m/^compat$/) {
- open (IN, '<', "debfiles/$file")
- or fail("Can't open debfiles/$file: $!");
- $compat = <IN>;
- close IN;
- if ($compat) {
- chomp $compat;
- if ($needversiondepends) {
- tag "declares-possibly-conflicting-debhelper-compat-versions", "rules=$needversiondepends compat=$compat";
- } else {
- $needversiondepends = $compat;
- }
- } else {
- tag "debhelper-compat-file-is-empty", "";
- }
} elsif ($file =~ m/^control$/) {
my ($control) = read_dpkg_control("debfiles/$file");
+
+ # Collect dependency information from debian/control.
$bdepends = '';
for my $field ('build-depends', 'build-depends-indep') {
next unless $control->{$field};
@@ -210,6 +217,28 @@ while (defined(my $file=readdir(DEBIAN))) {
}
} elsif ($file =~ m/^ex\.|\.ex$/i) {
tag "dh-make-template-in-source", "debian/$file";
+ } else {
+ my $base = $file;
+ $base =~ s/^[.]+\.//;
+
+ # Check whether this is a debhelper config file that takes a list of
+ # filenames. If so, check it for brace expansions, which aren't
+ # supported.
+ if ($filename_configs->known($base)) {
+ next if $compat < 3;
+ open (IN, '<', "debfiles/$file")
+ or fail("Can't open debfiles/$file: $!");
+ local $_;
+ while (<IN>) {
+ next if /^\s*$/;
+ next if (/^\#/ and $compat >= 5);
+ if (m/(?<!\\)\{(?:[^\s\\\}]+?,)+[^\\\}\s]+\}/) {
+ tag 'brace-expansion-in-debhelper-config-file',
+ "debian/$file";
+ }
+ }
+ close IN;
+ }
}
}
closedir(DEBIAN);
@@ -248,4 +277,8 @@ if ($needversiondepends < 4) {
1;
-# vim: syntax=perl
+# Local Variables:
+# indent-tabs-mode: t
+# cperl-indent-level: 4
+# End:
+# vim: syntax=perl sw=4 ts=8 noet shiftround
diff --git a/checks/debhelper.desc b/checks/debhelper.desc
index 2a00357..7f99aac 100644
--- a/checks/debhelper.desc
+++ b/checks/debhelper.desc
@@ -135,3 +135,12 @@ Info: The given debhelper script was introduced in a later version of
etch was released with debhelper version 5.0.42, so every package that
assumes a newer version should explicetly declare so for the sake of
etch backports.
+
+Tag: brace-expansion-in-debhelper-config-file
+Severity: normal
+Certainty: possible
+Info: This debhelper config file appears to use shell brace expansion
+ (such as <tt>{foo,bar}</tt>) to specify files. This happens to work due
+ to an accident of implementation but is not a supported feature. Only
+ <tt>?</tt>, <tt>*</tt>, and <tt>[...]</tt> are supported.
+Ref: debhelper(1)
diff --git a/data/debhelper/filename-config-files b/data/debhelper/filename-config-files
new file mode 100644
index 0000000..ff58d02
--- /dev/null
+++ b/data/debhelper/filename-config-files
@@ -0,0 +1,13 @@
+# This is a list of known debhelper config files which consist of a list
+# of filenames. It's used for tests that look for problems in debhelper
+# processing of file names, such as using glob characters that aren't
+# guaranteed to work.
+
+dirs
+docs
+examples
+info
+install
+manpages
+sgmlcatalogs
+wm
diff --git a/debian/changelog b/debian/changelog
index e719819..c7b0f3e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ lintian (2.1.4) UNRELEASED; urgency=low
* Summary of tag changes:
+ Added
+ - brace-expansion-in-debhelper-config-file
- control-interpreter-in-usr-local (split from
interpreter-in-usr-local)
- control-interpreter-without-depends
@@ -19,6 +20,10 @@ lintian (2.1.4) UNRELEASED; urgency=low
+ [RA] Warn (severity: wishlist) about the old dh_make packaging
copyright, which used (C) without the word or symbol. Based on a
patch by Raphael Geissert. (Closes: #497347)
+ * checks/debhelper{,.desc}:
+ + [RA] Check for use of shell brace expansion in debhelper config
+ files that list filenames, which is not supported. Based on a patch
+ from Raphael Geissert. (Closes: #480939)
* checks/menu-format{,.desc}:
+ [RA] If a *.desktop file contains a MimeType key, check that the
postinst calls update-desktop-database. (Closes: #488832)
@@ -45,6 +50,9 @@ lintian (2.1.4) UNRELEASED; urgency=low
+ [RA] New check-tag target which runs all test cases in the new test
suite that check for or against a particular tag.
+ * data/debhelper/filename-config-files:
+ + [RA] New file listing debhelper config files containing filenames.
+
* frontend/lintian:
+ [RA] When processing the entire archive, do so in sorted order.
diff --git a/t/tests/6000_debhelper-brace-expansion.desc b/t/tests/6000_debhelper-brace-expansion.desc
new file mode 100644
index 0000000..269bd5b
--- /dev/null
+++ b/t/tests/6000_debhelper-brace-expansion.desc
@@ -0,0 +1,5 @@
+Testname: debhelper-brace-expansion
+Version: 1.0
+Description: Check for brace expansion in debhelper config files
+Test-For: brace-expansion-in-debhelper-config-file
+References: Debian Bug#480939
diff --git a/t/tests/debhelper-brace-expansion/debian/debian/install b/t/tests/debhelper-brace-expansion/debian/debian/install
new file mode 100644
index 0000000..c0a7ccb
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/debian/debian/install
@@ -0,0 +1 @@
+{foo,bar}.txt usr/share/debhelper
diff --git a/t/tests/debhelper-brace-expansion/debian/debian/rules b/t/tests/debhelper-brace-expansion/debian/debian/rules
new file mode 100755
index 0000000..737231b
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/debian/debian/rules
@@ -0,0 +1,9 @@
+#!/usr/bin/make -f
+%:
+ dh $@
+
+# Skip dh_install since there are braces in the install configuration file and
+# it would error out on at least some systems.
+binary:
+ dh binary --before dh_install
+ dh binary --after dh_install
diff --git a/t/tests/debhelper-brace-expansion/tags b/t/tests/debhelper-brace-expansion/tags
new file mode 100644
index 0000000..df8a49c
--- /dev/null
+++ b/t/tests/debhelper-brace-expansion/tags
@@ -0,0 +1 @@
+W: debhelper-brace-expansion source: brace-expansion-in-debhelper-config-file debian/install
--
Debian package checker
Reply to: