Lintian::Util(3) | Debian Package Checker | Lintian::Util(3) |
Lintian::Util - Lintian utility functions
use Lintian::Util qw(normalize_pkg_path); my $path = normalize_pkg_path('usr/bin/', '../lib/git-core/git-pull'); if (defined $path) { # ... }
This module contains a number of utility subs that are nice to have, but on their own did not warrant their own module.
Most subs are imported only on request.
Basically, this is a fancy convenience for setting up an ar + tar pipe and passing said pipe to "parse_dpkg_control(HANDLE[, FLAGS[, LINES]])".
DEBFILE must be an ar file containing a "control.tar.gz" member, which in turn should contain a "control" file. If the "control" file is empty this will return an empty list.
Note: the control file is only expected to have a single paragraph and thus only the first is returned (in the unlikely case that there are more than one).
This function may fail with any of the messages that "parse_dpkg_control" do. It can also emit:
"cannot fork to unpack %s: %s\n"
Note: the control file is only expected to have a single paragraph and thus only the first is returned (in the unlikely case that there are more than one).
This function may fail with any of the messages that "read_dpkg_control(FILE[, FLAGS[, LINES]])" do.
May cause an exception if there are issues reading from the pipe.
Caveat: This will block until the pipe is closed from the "write"-end, so only use it with pipes where the "write"-end will eventually close their end by themselves (or something else will make them close it).
ALGO can be 'md5' or shaX, where X is any number supported by Digest::SHA (e.g. 'sha256').
This sub is a convenience wrapper around Digest::{MD5,SHA}.
ALGO can be 'md5' or shaX, where X is any number supported by Digest::SHA (e.g. 'sha256').
This sub is a convenience wrapper around Digest::{MD5,SHA}.
The list of whitelisted %ENV variables are:
PATH LC_ALL (*) TMPDIR
(*) LC_ALL is a special case as clean_env will change its value to either "C.UTF-8" or "C" (if CLOC is given and a truth value).
If the string does not appear to be a valid permission, it will cause a trappable error.
Examples:
# Good perm2oct('-rw-r--r--') == 0644 perm2oct('-rwxr-xr-x') == 0755 # Bad perm2oct('broken') # too short to be recognised perm2oct('-resurunet') # contains unknown permissions
OPTS, if given, is a hash reference with zero or more of the following key-value pairs:
On failure, this sub emits a trappable error.
Note: The handle may be a pipe from an external processes.
If multiple arguments are given, they will be merged into a single string (by join (' ', @_)). If only one argument is given it will be stringified and used directly.
The tool name should follow the same rules as check names. Particularly, third-party checks should namespace their tools in the same way they namespace their checks. E.g. "python/some-helper".
If the tool cannot be found, this sub will cause a trappable error.
@lines = map { strip } <$fd>;
In void context, the input argument will be modified so it can be used as a replacement for chomp in some cases:
while ( my $line = <$fd> ) { strip ($line); # $line no longer has any leading or trailing whitespace }
Otherwise, a copy of the string is returned:
while ( my $orig = <$fd> ) { my $stripped = strip ($orig); if ($stripped ne $orig) { # $orig had leading or/and trailing whitespace } }
Remove initial ./ by default
signal_number2name(2) eq 'INT'
As the name suggests, this is a path "normalization" rather than a true path resolution (for that use Cwd::realpath). Particularly, it assumes none of the path segments are symlinks.
normalize_pkg_path will return "q{}" (i.e. the empty string) if PATH is normalized to the root dir and "undef" if the path cannot be normalized without escaping the package root.
Examples:
normalize_pkg_path('usr/share/java/../../../usr/share/ant/file')
eq 'usr/share/ant/file'
normalize_pkg_path('usr/..') eq q{};
The following will return C<undef>: normalize_pkg_path('usr/bin/../../../../etc/passwd')
normalize_pkg_path will return "q{}" (i.e. the empty string) if the target is the root dir and "undef" if the path cannot be normalized without escaping the package root.
CAVEAT: This function is not always sufficient to test if it is safe to open a given symlink. Use is_ancestor_of for that. If you must use this function, remember to check that the target is not a symlink (or if it is, that it can be resolved safely).
Examples:
normalize_pkg_path('usr/share/java', '../ant/file') eq 'usr/share/ant/file' normalize_pkg_path('usr/share/java', '../../../usr/share/ant/file') normalize_pkg_path('usr/share/java', '/usr/share/ant/file') eq 'usr/share/ant/file' normalize_pkg_path('/usr/share/java', '/') eq q{}; normalize_pkg_path('/', 'usr/..') eq q{}; The following will return C<undef>: normalize_pkg_path('usr/bin', '../../../../etc/passwd') normalize_pkg_path('usr/bin', '/../etc/passwd')
The following values recognised (string checks are not case sensitive):
This function will resolve the paths; any failure to resolve the path will cause a trappable error.
The subroutine will continue to read from INHANDLE until it is exhausted or an error occurs (either during read or write). In case of errors, a trappable error will be raised. The handles are left open when the subroutine returns, caller must close them afterwards.
Caller should ensure that handles are using "blocking" I/O. The subroutine will use sysread and syswrite when reading and writing.
OPTS, if given, may contain the following key-value pairs:
2019-05-26 | Lintian v2.15.0 |