[Reproducible-commits] [dpkg] 10/33: Dpkg::Vendor::Debian: Disable fixdebugpath on unsafe characters in path
Mattia Rizzolo
mattia at debian.org
Mon Aug 1 10:25:26 UTC 2016
This is an automated email from the git hooks/post-receive script.
mattia pushed a commit to branch master
in repository dpkg.
commit a3fe877790c4f8feb6e99bdd49912aeb75c996d1
Author: Guillem Jover <guillem at debian.org>
Date: Wed Jul 6 22:47:25 2016 +0200
Dpkg::Vendor::Debian: Disable fixdebugpath on unsafe characters in path
If the path has any unsafe characters we would need to escape them on
output, but the escaping method depends on how the output is going to
be used, which complicates things a bit. To make it safe to eventually
enable this feature by default, we'll just check for safe characters
and silently disable it otherwise.
---
debian/changelog | 2 ++
scripts/Dpkg/Vendor/Debian.pm | 18 ++++++++++++++++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index b6a2d54..7621023 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ dpkg (1.18.10) UNRELEASED; urgency=medium
[ Guillem Jover ]
* Fix a short-lived memory leak in dpkg archive argument parsing.
+ * Perl modules:
+ - Disable fixdebugpath feature on unsafe characters in the path.
* Documentation:
- Document Testsuite-Triggers in dsc(5).
- Fix deb-changes(5) description to talk about .changes instead of .dsc.
diff --git a/scripts/Dpkg/Vendor/Debian.pm b/scripts/Dpkg/Vendor/Debian.pm
index 160d9f9..29aeece 100644
--- a/scripts/Dpkg/Vendor/Debian.pm
+++ b/scripts/Dpkg/Vendor/Debian.pm
@@ -161,9 +161,25 @@ sub _add_reproducible_flags {
fixdebugpath => 0,
);
+ my $build_path;
+
# Adjust features based on user or maintainer's desires.
$self->_parse_feature_area('reproducible', \%use_feature);
+ # Mask features that might have an unsafe usage.
+ if ($use_feature{fixdebugpath}) {
+ require Cwd;
+
+ $build_path = $ENV{DEB_BUILD_PATH} || Cwd::cwd();
+
+ # If we have any unsafe character in the path, disable the flag,
+ # so that we do not need to worry about escaping the characters
+ # on output.
+ if ($build_path =~ m/[^-+:.0-9a-zA-Z~\/_]/) {
+ $use_feature{fixdebugpath} = 0;
+ }
+ }
+
# Warn when the __TIME__, __DATE__ and __TIMESTAMP__ macros are used.
if ($use_feature{timeless}) {
$flags->append('CPPFLAGS', '-Wdate-time');
@@ -171,8 +187,6 @@ sub _add_reproducible_flags {
# Avoid storing the build path in the debug symbols.
if ($use_feature{fixdebugpath}) {
- require Cwd;
- my $build_path = $ENV{DEB_BUILD_PATH} || Cwd::cwd();
my $map = '-fdebug-prefix-map=' . $build_path . '=.';
$flags->append('CFLAGS', $map);
$flags->append('CXXFLAGS', $map);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git
More information about the Reproducible-commits
mailing list