diff options
author | Chen Qi <qi.chen@windriver.com> | 2013-12-05 10:54:35 -0500 |
---|---|---|
committer | Chen Qi <Qi.Chen@windriver.com> | 2016-02-19 10:34:02 +0800 |
commit | e74382b4ce479b57ebfd9e68bd75bef1c75eeb78 (patch) | |
tree | 0db77e7ed0ccc7d2ac27006f35d6657b300915a0 | |
parent | 31af4a37c429bb1db8bfc64242b2963220f9a0e1 (diff) | |
download | openembedded-core-contrib-ChenQi/qa-unsafe.tar.gz |
insane.bbclass: make the checking stricter for unsafe references in scriptsChenQi/qa-unsafe
Previously, the checking for unsafe references is not strict enough. It
only checks whether '/usr/' is in the script. As a result, any script
containing statements like below will match this check.
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
However, as we can see, this is actually not an unsafe reference. What
we really want to check is something like '/usr/bin/tail', so we should
make the checking stricter.
This patch solves the QA warning in gzip and nfs-utils.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-rw-r--r-- | meta/classes/insane.bbclass | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass index aef08fe28e..96851a3b61 100644 --- a/meta/classes/insane.bbclass +++ b/meta/classes/insane.bbclass @@ -428,7 +428,7 @@ def package_qa_check_unsafe_references_in_scripts(path, name, d, elf, messages): if bool(statinfo.st_mode & stat.S_IXUSR): # grep shell scripts for possible references to /exec_prefix/ exec_prefix = d.getVar('exec_prefix', True) - statement = "grep -e '%s/' %s > /dev/null" % (exec_prefix, path) + statement = "grep -e '%s/[^ :]\{1,\}/[^ :]\{1,\}' %s > /dev/null" % (exec_prefix, path) if subprocess.call(statement, shell=True) == 0: error_msg = pn + ": Found a reference to %s/ in %s" % (exec_prefix, path) package_qa_handle_error("unsafe-references-in-scripts", error_msg, d) |