Permalink
Browse files

Fix and improve good_dirs / bad_dirs in .deb validation code

This adds git and mercurial files to the list of forbidden version control
"residues", and a FIXME for the weird %p/src exception.

Inspired SF.net patch #1970903.
  • Loading branch information...
1 parent 885766d commit 4cd4de3aefc2a73f79e4469d5b4207b12f23ffc7 @fingolfin fingolfin committed Oct 3, 2011
Showing with 12 additions and 5 deletions.
  1. +2 −0 NEWS
  2. +10 −5 perlmod/Fink/Validation.pm
View
@@ -8,6 +8,8 @@ For a more comprehensive changelog of the latest experimental code, see:
0.32.0 ??? (20??-??-??)
* Added new "RuntimeDepends" field, any .info file that wants to use this
feature must BuildDepend on fink (>= 0.32.0-1)
+ * Improved package validator to reject .deb files including .hg / .git
+ directories.
/-------------
| fink 0.31.x (see https://github.com/fink/fink/tree/branch_0_31)
@@ -1504,9 +1504,11 @@ sub _validate_dpkg {
# these are used in a regex and are automatically prepended with ^
# make sure to protect regex metachars!
- my @bad_dirs = ("$basepath/src/", "$basepath/man/", "$basepath/info/", "$basepath/doc/", "$basepath/libexec/", "$basepath/lib/locale/", ".*/CVS/", ".*/RCS/", '.*/\.svn/', "$basepath/bin/.*/", "$basepath/sbin/.*/");
- my @good_dirs = ( map "$basepath/$_", qw/ bin sbin include lib opt share var etc src Applications Library\/Frameworks / );
- # allow $basepath/Library/ by itself
+ my @bad_dirs = ( map "$basepath/$_/", qw( src man info doc libexec lib/locale bin/.* sbin/.* ) );
+ push(@bad_dirs, ( map ".*/$_/", qw( CVS RCS \.svn \.git \.hg ) ) ); # forbid version control residues
+
+ my @good_dirs = ( map "$basepath/$_/", qw( bin sbin include lib opt share var etc Applications Library/Frameworks ) );
+ # allow $basepath/Library/ by itself, but with nothing below it other than what we explicitly allowed already
# (needed since we allow $basepath/Library/Frameworks)
push(@good_dirs, "$basepath/Library/\$");
push(@good_dirs, '/usr/X11');
@@ -1663,9 +1665,12 @@ sub _validate_dpkg {
&stack_msg($msgs, "File installed outside of $basepath, /Applications/XDarwin.app, /private/etc/fonts, /usr/X11, and /usr/X11R6", $filename);
}
}
- } elsif ($filename ne "$basepath/src/" and @found_bad_dir = grep { $filename =~ /^$_/ } @bad_dirs) {
+ } elsif ($filename eq "$basepath/src/") {
+ # FIXME: For some reason, we allow the inclusion of $basepath/src,
+ # which may exist but must be empty. The reason for this should either
+ # be documented, or this hack be removed.
+ } elsif (@found_bad_dir = grep { $filename =~ /^$_/ } @bad_dirs) {
# Directories from this list are not allowed to exist in the .deb.
- # The only exception is $basepath/src which may exist but must be empty
&stack_msg($msgs, "File installed into deprecated directory $found_bad_dir[0]", $filename);
} elsif (not grep { $filename =~ /^$_/ } @good_dirs) {
# Directories from this list are the top-level dirs that may exist in the .deb.

0 comments on commit 4cd4de3

Please sign in to comment.