From aba168ae6192dd3531452b33c5dce7799e0e178aff61fe383998b31a28fd3c07 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Tue, 31 Jan 2017 15:01:29 +0000 Subject: [PATCH] - suse-spdx-license-exceptions.patch: removed fuzziness from patch. - issue_68_BinariesCheck_lower_memory.patch: split into seperate patches issue_68_BinariesCheck_lower_memory-1.patch issue_68_BinariesCheck_lower_memory-2.patch issue_68_BinariesCheck_lower_memory-3.patch issue_68_BinariesCheck_lower_memory-4.patch and unfuzzed patch number 3. OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=424 --- issue_68_BinariesCheck_lower_memory-1.patch | 37 ++++ issue_68_BinariesCheck_lower_memory-2.patch | 83 +++++++++ issue_68_BinariesCheck_lower_memory-3.patch | 35 ++++ issue_68_BinariesCheck_lower_memory-4.patch | 22 +++ issue_68_BinariesCheck_lower_memory.patch | 178 -------------------- rpmlint.changes | 14 ++ rpmlint.spec | 5 +- suse-spdx-license-exceptions.patch | 25 ++- 8 files changed, 206 insertions(+), 193 deletions(-) create mode 100644 issue_68_BinariesCheck_lower_memory-1.patch create mode 100644 issue_68_BinariesCheck_lower_memory-2.patch create mode 100644 issue_68_BinariesCheck_lower_memory-3.patch create mode 100644 issue_68_BinariesCheck_lower_memory-4.patch delete mode 100644 issue_68_BinariesCheck_lower_memory.patch diff --git a/issue_68_BinariesCheck_lower_memory-1.patch b/issue_68_BinariesCheck_lower_memory-1.patch new file mode 100644 index 0000000..43ee3ee --- /dev/null +++ b/issue_68_BinariesCheck_lower_memory-1.patch @@ -0,0 +1,37 @@ +From c5871542684bf1439d96f2430fe4f0010070e4db Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ville=20Skytt=C3=A4?= +Date: Sun, 7 Feb 2016 10:10:51 +0200 +Subject: [PATCH] BinariesCheck: avoid false chroot w/o chdir when objdump + fails + +https://bugzilla.redhat.com/show_bug.cgi?id=1305302 +--- + BinariesCheck.py | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/BinariesCheck.py b/BinariesCheck.py +index b2c030e..33dfae5 100644 +--- a/BinariesCheck.py ++++ b/BinariesCheck.py +@@ -210,7 +210,10 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): + # on a server like postfix + res = Pkg.getstatusoutput( + ('env', 'LC_ALL=C', 'objdump', '-d', path)) +- if not res[0]: ++ if res[0]: ++ printWarning(pkg, 'binaryinfo-objdump-failed', file) ++ self.chroot_near_chdir = True # avoid false positive ++ else: + call = [] + # we want that : + # 401eb8: e8 c3 f0 ff ff callq 400f80 +@@ -645,6 +648,9 @@ def check_binary(self, pkg): + 'binaryinfo-readelf-failed', + '''Executing readelf on this file failed, all checks could not be run.''', + ++'binaryinfo-objdump-failed', ++'''Executing objdump on this file failed, all checks could not be run.''', ++ + 'binaryinfo-tail-failed', + '''Reading trailing bytes of this file failed, all checks could not be run.''', + diff --git a/issue_68_BinariesCheck_lower_memory-2.patch b/issue_68_BinariesCheck_lower_memory-2.patch new file mode 100644 index 0000000..9587bcc --- /dev/null +++ b/issue_68_BinariesCheck_lower_memory-2.patch @@ -0,0 +1,83 @@ +From be76ea6216987eefe9e863b193657318720bca51 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Stefan=20Br=C3=BCns?= +Date: Sun, 13 Mar 2016 16:01:37 +0100 +Subject: [PATCH 1/3] BinariesCheck: lower memory requirements, fix + chroot/chdir detection + +Do not read whole output of objdump -d into memory, but read and process +the output while it is created (issue #67). +Also correct expression to find 'chdir@plt' in output (issue #66) +--- + BinariesCheck.py | 49 ++++++++++++++++++++++++++++++------------------- + 1 file changed, 30 insertions(+), 19 deletions(-) + +diff --git a/BinariesCheck.py b/BinariesCheck.py +index 33dfae5..ee6d00b 100644 +--- a/BinariesCheck.py ++++ b/BinariesCheck.py +@@ -10,6 +10,7 @@ + import re + import stat + import sys ++import subprocess + + import rpm + +@@ -205,27 +206,37 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): + # check if chroot is near chdir (since otherwise, chroot is called + # without chdir) + if self.chroot and self.chdir: +- # FIXME this check is too slow, because forking for objdump is +- # quite slow according to a quick test and that's quite visible +- # on a server like postfix +- res = Pkg.getstatusoutput( +- ('env', 'LC_ALL=C', 'objdump', '-d', path)) +- if res[0]: ++ p = subprocess.Popen( ++ ['env', 'LC_ALL=C', 'objdump', '-d', path], ++ stdout=subprocess.PIPE, bufsize=1) ++ with p.stdout: ++ # we want that : ++ # 401eb8: e8 c3 f0 ff ff callq 400f80 ++ objdump_call_regex = re.compile(b'callq?\s(.*)') ++ index = 0 ++ chroot_index = -99 ++ chdir_index = -99 ++ for line in p.stdout: ++ r = objdump_call_regex.search(line) ++ if not r: ++ continue ++ if b'@plt' not in r.group(1): ++ pass ++ elif b'chroot@plt' in r.group(1): ++ chroot_index = index ++ if abs(chroot_index - chdir_index) <= 2: ++ self.chroot_near_chdir = True ++ break ++ elif b'chdir@plt' in r.group(1): ++ chdir_index = index ++ if abs(chroot_index - chdir_index) <= 2: ++ self.chroot_near_chdir = True ++ break ++ index += 1 ++ if p.wait(): + printWarning(pkg, 'binaryinfo-objdump-failed', file) + self.chroot_near_chdir = True # avoid false positive +- else: +- call = [] +- # we want that : +- # 401eb8: e8 c3 f0 ff ff callq 400f80 +- for l in res[1].splitlines(): +- # call is for x86 32 bits, callq for x86_64 +- if l.find('callq ') >= 0 or l.find('call ') >= 0: +- call.append(l.rpartition(' ')[2]) +- for index, c in enumerate(call): +- if c.find('chroot@plt') >= 0: +- for i in call[index-2:index+2]: +- if i.find('chdir@plt'): +- self.chroot_near_chdir = True ++ + else: + self.readelf_error = True + printWarning(pkg, 'binaryinfo-readelf-failed', + diff --git a/issue_68_BinariesCheck_lower_memory-3.patch b/issue_68_BinariesCheck_lower_memory-3.patch new file mode 100644 index 0000000..5ce4778 --- /dev/null +++ b/issue_68_BinariesCheck_lower_memory-3.patch @@ -0,0 +1,35 @@ +From f61aab52fdcbdc9096f2346ee4ecf9668d8a0fbc Mon Sep 17 00:00:00 2001 +From: StefanBruens +Date: Wed, 29 Jun 2016 18:28:55 +0200 +Subject: [PATCH 2/3] Use default bufsize, move regex compile to common place + +--- + BinariesCheck.py | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +Index: rpmlint-rpmlint-1.8/BinariesCheck.py +=================================================================== +--- rpmlint-rpmlint-1.8.orig/BinariesCheck.py ++++ rpmlint-rpmlint-1.8/BinariesCheck.py +@@ -64,6 +64,8 @@ class BinaryInfo: + setuid_call_regex = create_regexp_call(['setresuid', 'seteuid', 'setuid']) + setgroups_call_regex = create_regexp_call(['initgroups', 'setgroups']) + chroot_call_regex = create_regexp_call('chroot') ++ # 401eb8: e8 c3 f0 ff ff callq 400f80 ++ objdump_call_regex = re.compile(b'callq?\s(.*)') + + forbidden_functions = Config.getOption("WarnOnFunction") + if forbidden_functions: +@@ -234,11 +236,8 @@ class BinaryInfo: + if self.chroot and self.chdir: + p = subprocess.Popen( + ['env', 'LC_ALL=C', 'objdump', '-d', path], +- stdout=subprocess.PIPE, bufsize=1) ++ stdout=subprocess.PIPE, bufsize=-1) + with p.stdout: +- # we want that : +- # 401eb8: e8 c3 f0 ff ff callq 400f80 +- objdump_call_regex = re.compile(b'callq?\s(.*)') + index = 0 + chroot_index = -99 + chdir_index = -99 diff --git a/issue_68_BinariesCheck_lower_memory-4.patch b/issue_68_BinariesCheck_lower_memory-4.patch new file mode 100644 index 0000000..8a6486d --- /dev/null +++ b/issue_68_BinariesCheck_lower_memory-4.patch @@ -0,0 +1,22 @@ +From 643f42c51f46ed1f377fc099cca818fba2d5a7d0 Mon Sep 17 00:00:00 2001 +From: StefanBruens +Date: Wed, 29 Jun 2016 18:38:51 +0200 +Subject: [PATCH 3/3] Fix last commit + +--- + BinariesCheck.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/BinariesCheck.py b/BinariesCheck.py +index f19ae29..89517c2 100644 +--- a/BinariesCheck.py ++++ b/BinariesCheck.py +@@ -216,7 +216,7 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): + chroot_index = -99 + chdir_index = -99 + for line in p.stdout: +- r = objdump_call_regex.search(line) ++ r = BinaryInfo.objdump_call_regex.search(line) + if not r: + continue + if b'@plt' not in r.group(1): diff --git a/issue_68_BinariesCheck_lower_memory.patch b/issue_68_BinariesCheck_lower_memory.patch deleted file mode 100644 index a3ee6d1..0000000 --- a/issue_68_BinariesCheck_lower_memory.patch +++ /dev/null @@ -1,178 +0,0 @@ -From c5871542684bf1439d96f2430fe4f0010070e4db Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ville=20Skytt=C3=A4?= -Date: Sun, 7 Feb 2016 10:10:51 +0200 -Subject: [PATCH] BinariesCheck: avoid false chroot w/o chdir when objdump - fails - -https://bugzilla.redhat.com/show_bug.cgi?id=1305302 ---- - BinariesCheck.py | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/BinariesCheck.py b/BinariesCheck.py -index b2c030e..33dfae5 100644 ---- a/BinariesCheck.py -+++ b/BinariesCheck.py -@@ -210,7 +210,10 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): - # on a server like postfix - res = Pkg.getstatusoutput( - ('env', 'LC_ALL=C', 'objdump', '-d', path)) -- if not res[0]: -+ if res[0]: -+ printWarning(pkg, 'binaryinfo-objdump-failed', file) -+ self.chroot_near_chdir = True # avoid false positive -+ else: - call = [] - # we want that : - # 401eb8: e8 c3 f0 ff ff callq 400f80 -@@ -645,6 +648,9 @@ def check_binary(self, pkg): - 'binaryinfo-readelf-failed', - '''Executing readelf on this file failed, all checks could not be run.''', - -+'binaryinfo-objdump-failed', -+'''Executing objdump on this file failed, all checks could not be run.''', -+ - 'binaryinfo-tail-failed', - '''Reading trailing bytes of this file failed, all checks could not be run.''', - -From be76ea6216987eefe9e863b193657318720bca51 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Stefan=20Br=C3=BCns?= -Date: Sun, 13 Mar 2016 16:01:37 +0100 -Subject: [PATCH 1/3] BinariesCheck: lower memory requirements, fix - chroot/chdir detection - -Do not read whole output of objdump -d into memory, but read and process -the output while it is created (issue #67). -Also correct expression to find 'chdir@plt' in output (issue #66) ---- - BinariesCheck.py | 49 ++++++++++++++++++++++++++++++------------------- - 1 file changed, 30 insertions(+), 19 deletions(-) - -diff --git a/BinariesCheck.py b/BinariesCheck.py -index 33dfae5..ee6d00b 100644 ---- a/BinariesCheck.py -+++ b/BinariesCheck.py -@@ -10,6 +10,7 @@ - import re - import stat - import sys -+import subprocess - - import rpm - -@@ -205,27 +206,37 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): - # check if chroot is near chdir (since otherwise, chroot is called - # without chdir) - if self.chroot and self.chdir: -- # FIXME this check is too slow, because forking for objdump is -- # quite slow according to a quick test and that's quite visible -- # on a server like postfix -- res = Pkg.getstatusoutput( -- ('env', 'LC_ALL=C', 'objdump', '-d', path)) -- if res[0]: -+ p = subprocess.Popen( -+ ['env', 'LC_ALL=C', 'objdump', '-d', path], -+ stdout=subprocess.PIPE, bufsize=1) -+ with p.stdout: -+ # we want that : -+ # 401eb8: e8 c3 f0 ff ff callq 400f80 -+ objdump_call_regex = re.compile(b'callq?\s(.*)') -+ index = 0 -+ chroot_index = -99 -+ chdir_index = -99 -+ for line in p.stdout: -+ r = objdump_call_regex.search(line) -+ if not r: -+ continue -+ if b'@plt' not in r.group(1): -+ pass -+ elif b'chroot@plt' in r.group(1): -+ chroot_index = index -+ if abs(chroot_index - chdir_index) <= 2: -+ self.chroot_near_chdir = True -+ break -+ elif b'chdir@plt' in r.group(1): -+ chdir_index = index -+ if abs(chroot_index - chdir_index) <= 2: -+ self.chroot_near_chdir = True -+ break -+ index += 1 -+ if p.wait(): - printWarning(pkg, 'binaryinfo-objdump-failed', file) - self.chroot_near_chdir = True # avoid false positive -- else: -- call = [] -- # we want that : -- # 401eb8: e8 c3 f0 ff ff callq 400f80 -- for l in res[1].splitlines(): -- # call is for x86 32 bits, callq for x86_64 -- if l.find('callq ') >= 0 or l.find('call ') >= 0: -- call.append(l.rpartition(' ')[2]) -- for index, c in enumerate(call): -- if c.find('chroot@plt') >= 0: -- for i in call[index-2:index+2]: -- if i.find('chdir@plt'): -- self.chroot_near_chdir = True -+ - else: - self.readelf_error = True - printWarning(pkg, 'binaryinfo-readelf-failed', - -From f61aab52fdcbdc9096f2346ee4ecf9668d8a0fbc Mon Sep 17 00:00:00 2001 -From: StefanBruens -Date: Wed, 29 Jun 2016 18:28:55 +0200 -Subject: [PATCH 2/3] Use default bufsize, move regex compile to common place - ---- - BinariesCheck.py | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/BinariesCheck.py b/BinariesCheck.py -index ee6d00b..f19ae29 100644 ---- a/BinariesCheck.py -+++ b/BinariesCheck.py -@@ -54,6 +54,8 @@ class BinaryInfo(object): - setuid_call_regex = create_regexp_call('set(?:res|e)?uid') - setgroups_call_regex = create_regexp_call('(?:ini|se)tgroups') - chroot_call_regex = create_regexp_call('chroot') -+ # 401eb8: e8 c3 f0 ff ff callq 400f80 -+ objdump_call_regex = re.compile(b'callq?\s(.*)') - - forbidden_functions = Config.getOption("WarnOnFunction") - if forbidden_functions: -@@ -208,11 +210,8 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): - if self.chroot and self.chdir: - p = subprocess.Popen( - ['env', 'LC_ALL=C', 'objdump', '-d', path], -- stdout=subprocess.PIPE, bufsize=1) -+ stdout=subprocess.PIPE, bufsize=-1) - with p.stdout: -- # we want that : -- # 401eb8: e8 c3 f0 ff ff callq 400f80 -- objdump_call_regex = re.compile(b'callq?\s(.*)') - index = 0 - chroot_index = -99 - chdir_index = -99 - -From 643f42c51f46ed1f377fc099cca818fba2d5a7d0 Mon Sep 17 00:00:00 2001 -From: StefanBruens -Date: Wed, 29 Jun 2016 18:38:51 +0200 -Subject: [PATCH 3/3] Fix last commit - ---- - BinariesCheck.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/BinariesCheck.py b/BinariesCheck.py -index f19ae29..89517c2 100644 ---- a/BinariesCheck.py -+++ b/BinariesCheck.py -@@ -216,7 +216,7 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): - chroot_index = -99 - chdir_index = -99 - for line in p.stdout: -- r = objdump_call_regex.search(line) -+ r = BinaryInfo.objdump_call_regex.search(line) - if not r: - continue - if b'@plt' not in r.group(1): diff --git a/rpmlint.changes b/rpmlint.changes index fcf8da4..6176bc0 100644 --- a/rpmlint.changes +++ b/rpmlint.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Tue Jan 31 14:55:48 UTC 2017 - meissner@suse.com + +- suse-spdx-license-exceptions.patch: removed fuzziness from patch. + +- issue_68_BinariesCheck_lower_memory.patch: split into seperate patches + + issue_68_BinariesCheck_lower_memory-1.patch + issue_68_BinariesCheck_lower_memory-2.patch + issue_68_BinariesCheck_lower_memory-3.patch + issue_68_BinariesCheck_lower_memory-4.patch + + and unfuzzed patch number 3. + ------------------------------------------------------------------- Tue Jan 31 14:18:03 UTC 2017 - krahmer@suse.com diff --git a/rpmlint.spec b/rpmlint.spec index 655d21f..1102c0f 100644 --- a/rpmlint.spec +++ b/rpmlint.spec @@ -116,7 +116,10 @@ Patch63: 0001-Avoid-messing-with-the-error-encoding-Fixes-61.patch Patch64: omit_BUILDROOT_from_pyo_files.patch # PATCH-FIX-UPSTREAM 0001-Fix-resolving-Python-source-from-3.5-.opt-12.pyc.patch alarrosa@suse.com -- Fixes resolving python source from files generated following PEP0488 Patch65: 0001-Fix-resolving-Python-source-from-3.5-.opt-12.pyc.patch -Patch66: issue_68_BinariesCheck_lower_memory.patch +Patch661: issue_68_BinariesCheck_lower_memory-1.patch +Patch662: issue_68_BinariesCheck_lower_memory-2.patch +Patch663: issue_68_BinariesCheck_lower_memory-3.patch +Patch664: issue_68_BinariesCheck_lower_memory-4.patch # Fix a regression introduced by suse-shlib-devel-dependency.diff Patch67: suse-readd_terminator_in_regex.patch # PATCHLIST END diff --git a/suse-spdx-license-exceptions.patch b/suse-spdx-license-exceptions.patch index 928e529..3a9b86e 100644 --- a/suse-spdx-license-exceptions.patch +++ b/suse-spdx-license-exceptions.patch @@ -7,13 +7,13 @@ Subject: [PATCH] Handle SPDX style license exceptions TagsCheck.py | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) -diff --git a/TagsCheck.py b/TagsCheck.py -index f5b7516..ada84f7 100644 ---- a/TagsCheck.py -+++ b/TagsCheck.py +Index: rpmlint-rpmlint-1.8/TagsCheck.py +=================================================================== +--- rpmlint-rpmlint-1.8.orig/TagsCheck.py ++++ rpmlint-rpmlint-1.8/TagsCheck.py @@ -139,6 +139,34 @@ DEFAULT_VALID_LICENSES = ( 'Shareware', - ) + ) +DEFAULT_VALID_LICENSE_EXCEPTIONS = ( + '389-exception', @@ -46,7 +46,7 @@ index f5b7516..ada84f7 100644 BAD_WORDS = { 'alot': 'a lot', 'accesnt': 'accent', -@@ -404,6 +432,7 @@ VALID_GROUPS = Config.getOption('ValidGroups', None) +@@ -404,6 +432,7 @@ VALID_GROUPS = Config.getOption('ValidGr if VALID_GROUPS is None: # get defaults from rpm package only if it's not set VALID_GROUPS = Pkg.get_default_valid_rpmgroups() VALID_LICENSES = Config.getOption('ValidLicenses', DEFAULT_VALID_LICENSES) @@ -54,15 +54,15 @@ index f5b7516..ada84f7 100644 INVALID_REQUIRES = map(re.compile, Config.getOption('InvalidRequires', DEFAULT_INVALID_REQUIRES)) packager_regex = re.compile(Config.getOption('Packager')) changelog_version_regex = re.compile('[^>]([^ >]+)\s*$') -@@ -417,6 +446,7 @@ invalid_url_regex = re.compile(Config.getOption('InvalidURL'), re.IGNORECASE) - lib_package_regex = re.compile('(?:^(?:compat-)?lib.*?(\.so.*)?|libs?[\d-]*)$', re.IGNORECASE) +@@ -418,6 +447,7 @@ lib_package_regex = re.compile('(?:^(?:c leading_space_regex = re.compile('^\s+') + pkg_config_regex = re.compile('^/usr/(?:lib\d*|share)/pkgconfig/') license_regex = re.compile('\(([^)]+)\)|\s(?:and|or)\s') +license_exception_regex = re.compile('(\S+)\sWITH\s(\S+)') invalid_version_regex = re.compile('([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE) # () are here for grouping purpose in the regexp forbidden_words_regex = re.compile('(' + Config.getOption('ForbiddenWords') + ')', re.IGNORECASE) -@@ -776,6 +806,10 @@ class TagsCheck(AbstractCheck.AbstractCheck): +@@ -787,6 +817,10 @@ class TagsCheck(AbstractCheck.AbstractCh # printWarning(pkg, 'package-provides-itself') # break @@ -73,7 +73,7 @@ index f5b7516..ada84f7 100644 def split_license(license): return (x.strip() for x in (l for l in license_regex.split(license) if l)) -@@ -786,7 +820,17 @@ class TagsCheck(AbstractCheck.AbstractCheck): +@@ -797,7 +831,17 @@ class TagsCheck(AbstractCheck.AbstractCh else: valid_license = True if rpm_license not in VALID_LICENSES: @@ -92,7 +92,7 @@ index f5b7516..ada84f7 100644 if l1 in VALID_LICENSES: continue for l2 in split_license(l1): -@@ -1062,6 +1106,11 @@ your specfile.''', +@@ -1073,6 +1117,11 @@ your specfile.''', '''The value of the License tag was not recognized. Known values are: "%s".''' % '", "'.join(VALID_LICENSES), @@ -104,6 +104,3 @@ index f5b7516..ada84f7 100644 'obsolete-not-provided', '''If a package is obsoleted by a compatible replacement, the obsoleted package should also be provided in order to not cause unnecessary dependency breakage. --- -2.7.4 -