diff options
author | Kyle Keen <keenerd@gmail.com> | 2016-12-10 03:19:44 -0500 |
---|---|---|
committer | Kyle Keen <keenerd@gmail.com> | 2016-12-10 03:19:51 -0500 |
commit | 5d235220433d4434909b7dba2097fa5461e8ea8e (patch) | |
tree | 2caa9120230fd82becc5494b2733bf146fb47dad | |
parent | 2090aa73950508eb7134845adfbc9a2b9bf2c419 (diff) | |
download | namcap-5d235220433d4434909b7dba2097fa5461e8ea8e.tar.gz namcap-5d235220433d4434909b7dba2097fa5461e8ea8e.zip |
Summarize ELF files found in opt (FS#49489)
Report a single Error that there are files in opt.
Full paths may be found in the Info output.
Signed-off-by: Kyle Keen <keenerd@gmail.com>
-rw-r--r-- | Namcap/rules/elffiles.py | 25 | ||||
-rw-r--r-- | namcap-tags | 1 |
2 files changed, 19 insertions, 7 deletions
diff --git a/Namcap/rules/elffiles.py b/Namcap/rules/elffiles.py index 68167bd..c48ef6e 100644 --- a/Namcap/rules/elffiles.py +++ b/Namcap/rules/elffiles.py @@ -30,32 +30,43 @@ from Namcap.ruleclass import * # Valid directories for ELF files valid_dirs = ['bin/', 'sbin/', 'usr/bin/', 'usr/sbin/', 'lib/', 'usr/lib/', 'usr/lib32/'] +# Questionable directories for ELF files +# (Suppresses some output spam.) +questionable_dirs = ['opt/'] class ELFPaths(TarballRule): name = "elfpaths" description = "Check about ELF files outside some standard paths." def analyze(self, pkginfo, tar): invalid_elffiles = [] + questionable_elffiles = [] for entry in tar: # is it a regular file ? if not entry.isfile(): continue # is it outside standard binary dirs ? - is_outside_std_dirs = True - for d in valid_dirs: - if entry.name.startswith(d): - is_outside_std_dirs = False - break - if not is_outside_std_dirs: + in_std_dirs = any(entry.name.startswith(d) for d in valid_dirs) + in_que_dirs = any(entry.name.startswith(d) for d in questionable_dirs) + + if in_std_dirs: continue # is it an ELF file ? f = tar.extractfile(entry) if is_elf(f): - invalid_elffiles.append(entry.name) + if in_que_dirs: + questionable_elffiles.append(entry.name) + else: + invalid_elffiles.append(entry.name) + que_elfdirs = [d for d in questionable_dirs if any(f.startswith(d) for f in questionable_elffiles)] self.errors = [("elffile-not-in-allowed-dirs %s", i) for i in invalid_elffiles] + self.errors.extend(("elffile-in-questionable-dirs %s", i) + for i in que_elfdirs) + self.infos = [("elffile-not-in-allowed-dirs %s", i) + for i in questionable_elffiles] + def _test_elf_and_extract(tar, entry): "Tests whether a Tar entry is an ELF file and returns the name of a temp file." diff --git a/namcap-tags b/namcap-tags index 331bc15..c91a712 100644 --- a/namcap-tags +++ b/namcap-tags @@ -16,6 +16,7 @@ dangling-symlink %s points to %s :: Symlink (%s) points to non-existing %s directory-not-world-executable %s :: Directory (%s) does not have the world executable bit set. elffile-in-any-package %s :: ELF file ('%s') found in an 'any' package. elffile-not-in-allowed-dirs %s :: ELF file ('%s') outside of a valid path. +elffile-in-questionable-dirs %s :: ELF files outside of a valid path ('%s'). elffile-with-textrel %s :: ELF file ('%s') has text relocations. elffile-with-execstack %s :: ELF file ('%s') has executable stack. empty-directory %s :: Directory (%s) is empty |