[dpkg] 128/192: dpkg-deb: Sanity check config maintainer script file type and permissions

Ximin Luo infinity0 at debian.org
Tue Oct 17 11:04:10 UTC 2017 

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch pu/reproducible_builds
in repository dpkg.

commit cd791ccf8117398ea765eda3a92db52a9cf04c23
Author: Guillem Jover <guillem at debian.org>
Date:   Sun Sep 17 12:04:15 2017 +0200

    dpkg-deb: Sanity check config maintainer script file type and permissions
    
    This is a well-known executable maintainer script, that ideally should
    be handled by dpkg itself. But for now we will at least sanity check its
    file type and permissions.
---
 debian/changelog | 2 ++
 dpkg-deb/build.c | 1 +
 lib/dpkg/dpkg.h  | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 196e239..6115f76 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,8 @@ dpkg (1.19.0) UNRELEASED; urgency=medium
   * Fix integer overflow in deb(5) format version parser.
     Closes: #868356
   * Re-enable upstream tar signatures when building source format 1.0.
+  * Make dpkg-deb --build sanity check the config maintainer script file type
+    and permissions.
   * Perl modules:
     - Switch from Dpkg::Util to List::Util, now that the module in the
       new required Perl contains the needed functions.
diff --git a/dpkg-deb/build.c b/dpkg-deb/build.c
index a92b58e..ade48dc 100644
--- a/dpkg-deb/build.c
+++ b/dpkg-deb/build.c
@@ -198,6 +198,7 @@ static const char *const maintainerscripts[] = {
   POSTINSTFILE,
   PRERMFILE,
   POSTRMFILE,
+  MAINTSCRIPT_FILE_CONFIG,
   NULL,
 };
 
diff --git a/lib/dpkg/dpkg.h b/lib/dpkg/dpkg.h
index c7ada8a..19b7914 100644
--- a/lib/dpkg/dpkg.h
+++ b/lib/dpkg/dpkg.h
@@ -71,6 +71,8 @@ DPKG_BEGIN_DECLS
 #define POSTINSTFILE       "postinst"
 #define PRERMFILE          "prerm"
 #define POSTRMFILE         "postrm"
+/* Debconf config maintainer script. */
+#define MAINTSCRIPT_FILE_CONFIG		"config"
 #define TRIGGERSCIFILE     "triggers"
 
 #define STATUSFILE        "status"

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git

More information about the Reproducible-commits mailing list