X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=bin%2Fblhc;h=dc71cc1c940d1130660dd9574ba27aa7c72e6bb1;hb=6bd8ae07ae91c53c36d219975bc3296b7af81045;hp=1bdea292cc027251fe9c3e811f19ed1c8dc27c89;hpb=4c7a085e5317ed6bbc88d354c9c691c18714df06;p=blhc%2Fblhc.git

diff --git a/bin/blhc b/bin/blhc
index 1bdea29..dc71cc1 100755
--- a/bin/blhc
+++ b/bin/blhc
@@ -2,7 +2,7 @@
 
 # Build log hardening check, checks build logs for missing hardening flags.
 
-# Copyright (C) 2012  Simon Ruderich
+# Copyright (C) 2012-2013  Simon Ruderich
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -24,7 +24,7 @@ use warnings;
 use Getopt::Long ();
 use Text::ParseWords ();
 
-our $VERSION = '0.03';
+our $VERSION = '0.04';
 
 
 # CONSTANTS/VARIABLES
@@ -566,7 +566,7 @@ if ($option_help) {
     Pod::Usage::pod2usage(1);
 }
 if ($option_version) {
-    print "blhc $VERSION  Copyright (C) 2012  Simon Ruderich
+    print "blhc $VERSION  Copyright (C) 2012-2013  Simon Ruderich
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -852,14 +852,18 @@ foreach my $file (@ARGV) {
             next if $line =~ /^\s*(?:Host\s+)?(?:C(?:\+\+)?\s+)?
                                 [Cc]ompiler[\s.]*:?\s+
                                 /x;
-            next if $line =~ /^\s*(?:- )?(?:HOST_)?(?:CC|CXX)\s*=\s*$cc_regex_full\s*$/o;
+            next if $line =~ m{^\s*(?:-\s)?(?:HOST_)?(?:CC|CXX)
+                                \s*=\s*$cc_regex_full
+                                # optional compiler options, don't allow
+                                # "everything" here to prevent false negatives
+                                \s*(?:\s-\S+)*\s*$}xo;
             # `moc-qt4`/`moc-qt5` contain '-I.../linux-g++' in their command
             # line (or similar for other architectures) which gets recognized
             # as a compiler line, but `moc-qt*` is only a preprocessor for Qt
             # C++ files. No hardening flags are relevant during this step,
             # thus ignore `moc-qt*` lines. The resulting files will be
             # compiled in a separate step (and therefore checked).
-            next if $line =~ m{^\S+/bin/moc-qt[45]
+            next if $line =~ m{^\S+/bin/moc(?:-qt[45])?
                                \s.+\s
                                -I\S+/mkspecs/[a-z]+-g\++(?:-64)?
                                \s}x;
@@ -1481,7 +1485,7 @@ E<lt>jari.aalto@cante.netE<gt> for their valuable input and suggestions.
 
 =head1 LICENSE AND COPYRIGHT
 
-Copyright (C) 2012 by Simon Ruderich
+Copyright (C) 2012-2013 by Simon Ruderich
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by