(Debian Bug #994154).
- Properly handle quoted flags; reported by Olek Wojnar (see Debian Bug
#975650 message 45).
+- Strip (basic) environment variables before compiler detection to reduce
+ false positives; reported by Fabian Wolff (Debian Bug #975650)
Version 0.12
$complete_line = undef;
}
+ my $noenv = $line;
+ # Strip (basic) environment variables for compiler detection. This
+ # prevents false positives when environment variables contain
+ # compiler binaries. Nested quotes, command substitution, etc. is
+ # not supported.
+ $noenv =~ s/^
+ \s*
+ (?:
+ [a-zA-Z_]+ # environment variable name
+ =
+ (?:
+ [^\s"'\$`\\]+ # non-quoted string
+ |
+ '[^"'\$`\\]*' # single-quoted string
+ |
+ "[^"'\$`\\]*" # double-quoted string
+ )
+ \s+
+ )*
+ //x;
# Ignore lines with no compiler commands.
next if not $non_verbose
- and not $line =~ /$cc_regex_normal/o;
+ and not $noenv =~ /$cc_regex_normal/o;
# Ignore lines with no filenames with extensions. May miss some
# non-verbose builds (e.g. "gcc -o test" [sic!]), but shouldn't be
# a problem as the log will most likely contain other non-verbose
dpkg-buildpackage: source package test
VERSION=v-amd64-linux CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h
+VERSION="`echo hi`" CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h
';
is_blhc 'env', '--all', 8,
- 'CPPFLAGS missing (-D_FORTIFY_SOURCE=2): VERSION=v-amd64-linux CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h
+ 'CPPFLAGS missing (-D_FORTIFY_SOURCE=2): VERSION="`echo hi`" CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h
';
ruderich.org/simon / blhc / blhc.git / commitdiff