# FUNCTIONS
+sub split_line {
+ my ($line) = @_;
+
+ my @work = ($line);
+ foreach my $delim (';', '&&', '||') {
+ my @x;
+ foreach (@work) {
+ push @x, Text::ParseWords::parse_line(qr/\Q$delim\E/, 1, $_);
+ }
+ @work = @x;
+ }
+
+ return map {
+ # Ensure newline at the line end - necessary for
+ # correct parsing later.
+ $_ =~ s/\s+$//;
+ $_ .= "\n";
+ } @work;
+}
+
sub error_flags {
my ($message, $missing_flags_ref, $flag_renames_ref, $line, $number) = @_;
$non_verbose |= is_non_verbose_build($line, \$skip);
next if $skip;
- # One line may contain multiple commands (";"). Treat each one as
- # single line. parse_line() is slow, only use it when necessary.
- my @line = (index($line, ';') == -1)
+ # Treat each command as a single line so we don't ignore valid
+ # commands when handling false positives. split_line() is slow, only
+ # use it when necessary.
+ my @line = ($line !~ /(?:;|&&|\|\|)/)
? ($line)
- : map {
- # Ensure newline at the line end - necessary for
- # correct parsing later.
- $_ =~ s/\s+$//;
- $_ .= "\n";
- } Text::ParseWords::parse_line(';', 1, $line);
+ : split_line($line);
foreach my $line (@line) {
if ($continuation) {
$continuation = 0;
# optional compiler options, don't allow
# "everything" here to prevent false negatives
\s*(?:\s-\S+)*\s*$}xo;
+ # `echo` is never a compiler command
+ next if $line =~ /^\s*echo\s/;
# `moc-qt4`/`moc-qt5` contain '-I.../linux-g++' in their command
# line (or similar for other architectures) which gets recognized
# as a compiler line, but `moc-qt*` is only a preprocessor for Qt
LDFLAGS missing (-Wl,-z,relro): gcc test.c -o test.output
CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): (gcc -Wl,-z,relro -o test.output test.c)
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): (gcc -Wl,-z,relro -o test.output test.c)
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-comma.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-comma.c
+LDFLAGS missing (-Wl,-z,relro): gcc test-comma.c
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-and.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-and.c
+LDFLAGS missing (-Wl,-z,relro): gcc test-and.c
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-or.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-or.c
+LDFLAGS missing (-Wl,-z,relro): gcc test-or.c
';
is_blhc 'bad-cflags', '--pie', 8,
'CFLAGS missing (-fPIE -Wformat): gcc -g -O2 -fstack-protector-strong -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-a.c
CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): (gcc -Wl,-z,relro -o test.output test.c)
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): (gcc -Wl,-z,relro -o test.output test.c)
LDFLAGS missing (-fPIE -pie): (gcc -Wl,-z,relro -o test.output test.c)
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-comma.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-comma.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc test-comma.c
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-and.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-and.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc test-and.c
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-or.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-or.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc test-or.c
';
is_blhc 'bad-cflags', '--bindnow', 8,
'CFLAGS missing (-Wformat): gcc -g -O2 -fstack-protector-strong -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-a.c
CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): (gcc -Wl,-z,relro -o test.output test.c)
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): (gcc -Wl,-z,relro -o test.output test.c)
LDFLAGS missing (-Wl,-z,now): (gcc -Wl,-z,relro -o test.output test.c)
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-comma.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-comma.c
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc test-comma.c
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-and.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-and.c
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc test-and.c
+CFLAGS missing (-g -O2 -fstack-protector-strong -Wformat -Werror=format-security): gcc test-or.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-or.c
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc test-or.c
';
is_blhc 'bad-cflags', '--pie --bindnow', 8,
'CFLAGS missing (-fPIE -Wformat): gcc -g -O2 -fstack-protector-strong -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-a.c
CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): (gcc -Wl,-z,relro -o test.output test.c)
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): (gcc -Wl,-z,relro -o test.output test.c)
LDFLAGS missing (-fPIE -pie -Wl,-z,now): (gcc -Wl,-z,relro -o test.output test.c)
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-comma.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-comma.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc test-comma.c
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-and.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-and.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc test-and.c
+CFLAGS missing (-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security): gcc test-or.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc test-or.c
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc test-or.c
';
is_blhc 'bad-cflags-stackprotector', '', 8,
'CFLAGS missing (-fstack-protector-strong): gcc -g -O2 -fstack-protector-strong -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c -fno-stack-protector test-a.c
CXXFLAGS missing (-fstack-protector-strong): g++ -g -O2 -fPIC -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test_file.cxx
NONVERBOSE BUILD: [ 22%] Building CXX object src/CMakeFiles/test/test.cpp.o
NONVERBOSE BUILD: [ 82%] Building C object src/CMakeFiles/test/test.c.o
-CXXFLAGS missing (-Wformat): cd /tmp/test/src && /usr/bin/c++ -g -O2 -fstack-protector-strong -Wformat-security -Werror=format-security -o CMakeFiles/test-verbose.dir/verbose.cpp.o -c -D_FORTIFY_SOURCE=2 /tmp/test/src/test-verbose/verbose.cpp
-CFLAGS missing (-Werror=format-security): cd /tmp/test/src && /usr/bin/gcc -g -O2 -fstack-protector-strong -Wformat -Wformat-security -o CMakeFiles/test-verbose-c.dir/verbose-c.c.o -c -D_FORTIFY_SOURCE=2 /tmp/test/src/test-verbose-c/verbose-c.c
+CXXFLAGS missing (-Wformat): /usr/bin/c++ -g -O2 -fstack-protector-strong -Wformat-security -Werror=format-security -o CMakeFiles/test-verbose.dir/verbose.cpp.o -c -D_FORTIFY_SOURCE=2 /tmp/test/src/test-verbose/verbose.cpp
+CFLAGS missing (-Werror=format-security): /usr/bin/gcc -g -O2 -fstack-protector-strong -Wformat -Wformat-security -o CMakeFiles/test-verbose-c.dir/verbose-c.c.o -c -D_FORTIFY_SOURCE=2 /tmp/test/src/test-verbose-c/verbose-c.c
NONVERBOSE BUILD: Compiling test.c \ gcc test.c
NONVERBOSE BUILD: [ 3%] Building CXX object scribus/text/CMakeFiles/scribus_text_lib.dir/frect.cpp.o
NONVERBOSE BUILD: [ 1/13] Compiling src/instance.c
ruderich.org/simon / blhc / blhc.git / commitdiff