* [PATCH 0/1] insane.bbclass: make the checking stricter for unsafe references in scripts
@ 2016-02-19 2:38 Chen Qi
2016-02-19 2:38 ` [PATCH 1/1] " Chen Qi
0 siblings, 1 reply; 2+ messages in thread
From: Chen Qi @ 2016-02-19 2:38 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 31af4a37c429bb1db8bfc64242b2963220f9a0e1:
oeqa/parselogs: Whitelist dmi firmware failure message in 4.4 kernels (2016-02-16 23:53:43 +0000)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ChenQi/qa-unsafe
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=ChenQi/qa-unsafe
Chen Qi (1):
insane.bbclass: make the checking stricter for unsafe references in
scripts
meta/classes/insane.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
1.9.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH 1/1] insane.bbclass: make the checking stricter for unsafe references in scripts
2016-02-19 2:38 [PATCH 0/1] insane.bbclass: make the checking stricter for unsafe references in scripts Chen Qi
@ 2016-02-19 2:38 ` Chen Qi
0 siblings, 0 replies; 2+ messages in thread
From: Chen Qi @ 2016-02-19 2:38 UTC (permalink / raw)
To: openembedded-core
From: Chen Qi <qi.chen@windriver.com>
Previously, the checking for unsafe references is not strict enough. It
only checks whether '/usr/' is in the script. As a result, any script
containing statements like below will match this check.
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
However, as we can see, this is actually not an unsafe reference. What
we really want to check is something like '/usr/bin/tail', so we should
make the checking stricter.
This patch solves the QA warning in gzip and nfs-utils.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/classes/insane.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index aef08fe..96851a3 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -428,7 +428,7 @@ def package_qa_check_unsafe_references_in_scripts(path, name, d, elf, messages):
if bool(statinfo.st_mode & stat.S_IXUSR):
# grep shell scripts for possible references to /exec_prefix/
exec_prefix = d.getVar('exec_prefix', True)
- statement = "grep -e '%s/' %s > /dev/null" % (exec_prefix, path)
+ statement = "grep -e '%s/[^ :]\{1,\}/[^ :]\{1,\}' %s > /dev/null" % (exec_prefix, path)
if subprocess.call(statement, shell=True) == 0:
error_msg = pn + ": Found a reference to %s/ in %s" % (exec_prefix, path)
package_qa_handle_error("unsafe-references-in-scripts", error_msg, d)
--
1.9.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-02-19 2:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-02-19 2:38 [PATCH 0/1] insane.bbclass: make the checking stricter for unsafe references in scripts Chen Qi
2016-02-19 2:38 ` [PATCH 1/1] " Chen Qi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox