[lintian] 01/01: Fix false negatives on command-with-path-in-maintainer-script
This is an automated email from the git hooks/post-receive script.
broucaries-guest pushed a commit to branch master
in repository lintian.
commit d4b2520ec618403304dcce98a0605891477bfa05
Author: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
Date: Mon Nov 17 19:43:47 2014 +0100
Fix false negatives on command-with-path-in-maintainer-script
Detect env and [ ! -x something ] form
Signed-off-by: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
---
checks/scripts.desc | 2 ++
checks/scripts.pm | 14 +++++++++++++-
debian/changelog | 6 +++++-
t/tests/scripts-maintainer-general/debian/debian/postinst | 12 ++++++++++++
4 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 6d4b33b..9591a1b 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -658,6 +658,8 @@ Info: The indicated program run in a maintainer script has a prepended
.
If the path is required to test a program for existence, one of the suggested
workarounds in the developer's reference can be used.
+ .
+ See particularly function pathfind() of devref.
Ref: policy 6.1, devref 6.4
Tag: maintainer-script-should-not-use-ancient-dpkg-epoch-check
diff --git a/checks/scripts.pm b/checks/scripts.pm
index e88161f..f92b81a 100644
--- a/checks/scripts.pm
+++ b/checks/scripts.pm
@@ -84,7 +84,8 @@ my $VERSIONED_INTERPRETERS
# When detecting commands inside shell scripts, use this regex to match the
# beginning of the command rather than checking whether the command is at the
# beginning of a line.
-my $LEADINSTR = '(?:(?:^|[`&;(|{])\s*|(?:if|then|do|while)\s+)';
+my $LEADINSTR
+ = '(?:(?:^|[`&;(|{])\s*|(?:if|then|do|while)\s+|env(?:\s+[[:alnum:]_]+=(?:\S+|\"[^"]*\"|\'[^\']*\'))*\s+)';
my $LEADIN = qr/$LEADINSTR/;
#forbidden command in maintainer scripts
@@ -859,6 +860,17 @@ sub run {
}
}
my $cmd = $_;
+ # check for test syntax
+ if(
+ $cmd =~ m{\[\s+
+ (?:!\s+)? -x \s+
+ (/(?:usr/)?s?bin/[\w.+-]+)
+ \s+ \]}xsm
+ ){
+ tag 'command-with-path-in-maintainer-script',
+ "$file:$. $1";
+ }
+
$cmd =~ s/\`[^\`]+\`//g;
if ($cmd =~ m,$LEADIN(/(?:usr/)?s?bin/[\w.+-]+)(?:\s|;|$),)
{
diff --git a/debian/changelog b/debian/changelog
index 1c4ac0e..ab3e587 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,7 +10,11 @@ lintian (2.5.31) UNRELEASED; urgency=medium
* checks/files.{desc,pm}:
+ [BR] Rename compressed-objects.inv to
file-should-not-be-compressed and use it for doxygen
- map.gz (Closes: #751949).
+ map.gz. (Closes: #751949).
+ * checks/script.{desc,pm}:
+ + [BR] Fix some false negatives for
+ command-with-path-in-maintainer-script tag.
+ (Closes: #769845).
* checks/source-copyright.{desc,pm}:
+ [BR] Fix a false positive for
missing-license-paragraph-in-dep5-copyright tag.
diff --git a/t/tests/scripts-maintainer-general/debian/debian/postinst b/t/tests/scripts-maintainer-general/debian/debian/postinst
index 96e0d04..755d4a1 100755
--- a/t/tests/scripts-maintainer-general/debian/debian/postinst
+++ b/t/tests/scripts-maintainer-general/debian/debian/postinst
@@ -170,4 +170,16 @@ adduser --system --ingroup smmta --home "/var/lib/sendmail" \
echo "You can use update-alternatives --config runsystem to select"
echo "the runsystem to use."
+# false negative
+DIVERSIONS=`env LC_ALL=C /usr/sbin/dpkg-divert --list | grep -E 'by amule(-utils)?$'` || true
+DIVERSIONS=`env LC_ALL="C" /usr/sbin/dpkg-divert --list | grep -E 'by amule(-utils)?$'` || true
+DIVERSIONS=`env LC_ALL='C' /usr/sbin/dpkg-divert --list | grep -E 'by amule(-utils)?$'` || true
+
+if [ ! -x /usr/sbin/dpkg-state-override ] || \
+ ! dpkg-state-override > /dev/null
+then
+ true;
+fi
+
+
#DEBHELPER#
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: