Use here-doc for --version output.

[blhc/blhc.git] / bin / blhc

diff --git a/bin/blhc b/bin/blhc
index f2f0d6f1253055d81c918f23ca64670c37826b51..e2658ae9f329f96959ef5b229d8035a6fa1f5172 100755 (executable)
--- a/bin/blhc
+++ b/bin/blhc
@@ -2,7 +2,7 @@
 
 # Build log hardening check, checks build logs for missing hardening flags.
 
-# Copyright (C) 2012  Simon Ruderich
+# Copyright (C) 2012-2013  Simon Ruderich
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -24,7 +24,7 @@ use warnings;
 use Getopt::Long ();
 use Text::ParseWords ();
 
-our $VERSION = '0.03';
+our $VERSION = '0.04';
 
 
 # CONSTANTS/VARIABLES
@@ -176,7 +176,8 @@ my $file_extension_regex = qr/
                     # terminated with "\n".
     /x;
 
-# Expected (hardening) flags. All flags are used as regexps.
+# Expected (hardening) flags. All flags are used as regexps (and compiled to
+# real regexps below for better execution speed).
 my @def_cflags = (
     '-g',
     '-O(?:2|3)',
@@ -440,6 +441,7 @@ sub is_non_verbose_build {
     #
     # C++ compiler setting.
     return 0 if $line =~ /^\s*C\+\+.+?:\s+(?:yes|no)\s*$/;
+    return 0 if $line =~ /^\s*C\+\+ Library: stdc\+\+$/;
     # "Compiling" with no file name.
     if ($line =~ /^\s*[Cc]ompiling\s+(.+?)(?:\.\.\.)?$/) {
         # $file_extension_regex may need spaces around the filename.
@@ -474,6 +476,7 @@ sub is_non_verbose_build {
     return 1;
 }
 
+# Remove @flags from $flag_refs_ref, and $flag_renames_ref.
 sub remove_flags {
     my ($flag_refs_ref, $flag_renames_ref, @flags) = @_;
 
@@ -491,35 +494,37 @@ sub remove_flags {
     return;
 }
 
+# Modifies $flag_renames_ref hash.
 sub compile_flag_regexp {
     my ($flag_renames_ref, @flags) = @_;
 
     my @result = ();
     foreach my $flag (@flags) {
+        # Compile flag regexp for faster execution.
+        my $regex = qr/\s$flag(?:\s|\\)/;
+
         # Store flag name in replacement string for correct flags in messages
         # with qr//ed flag regexps.
-        $flag_renames_ref->{qr/\s$flag(?:\s|\\)/}
+        $flag_renames_ref->{$regex}
             = (exists $flag_renames_ref->{$flag})
                 ? $flag_renames_ref->{$flag}
                 : $flag;
 
-        # Compile flag regexp for faster execution.
-        push @result, qr/\s$flag(?:\s|\\)/;
+        push @result, $regex;
     }
     return @result;
 }
 
+# Does any extension in @extensions exist in %{$extensions_ref}?
 sub extension_found {
     my ($extensions_ref, @extensions) = @_;
 
-    my $found = 0;
     foreach my $extension (@extensions) {
         if (exists $extensions_ref->{$extension}) {
-            $found = 1;
-            last;
+            return 1;
         }
     }
-    return $found;
+    return 0;
 }
 
 
@@ -565,7 +570,8 @@ if ($option_help) {
     Pod::Usage::pod2usage(1);
 }
 if ($option_version) {
-    print "blhc $VERSION  Copyright (C) 2012  Simon Ruderich
+    print <<"EOF";
+blhc $VERSION  Copyright (C) 2012-2013  Simon Ruderich
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -579,7 +585,7 @@ GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
-";
+EOF
     exit 0;
 }
 
@@ -851,13 +857,20 @@ foreach my $file (@ARGV) {
             next if $line =~ /^\s*(?:Host\s+)?(?:C(?:\+\+)?\s+)?
                                 [Cc]ompiler[\s.]*:?\s+
                                 /x;
-            next if $line =~ /^\s*(?:- )?(?:HOST_)?(?:CC|CXX)\s*=\s*$cc_regex_full\s*$/o;
-            # `moc-qt4`, contains '-I/usr/share/qt4/mkspecs/linux-g++' (or
-            # similar for other architectures) which gets recognized as a
-            # compiler line. Ignore it.
-            next if $line =~ m{^/usr/bin/moc-qt4
+            next if $line =~ m{^\s*(?:-\s)?(?:HOST_)?(?:CC|CXX)
+                                \s*=\s*$cc_regex_full
+                                # optional compiler options, don't allow
+                                # "everything" here to prevent false negatives
+                                \s*(?:\s-\S+)*\s*$}xo;
+            # `moc-qt4`/`moc-qt5` contain '-I.../linux-g++' in their command
+            # line (or similar for other architectures) which gets recognized
+            # as a compiler line, but `moc-qt*` is only a preprocessor for Qt
+            # C++ files. No hardening flags are relevant during this step,
+            # thus ignore `moc-qt*` lines. The resulting files will be
+            # compiled in a separate step (and therefore checked).
+            next if $line =~ m{^\S+/bin/moc(?:-qt[45])?
                                \s.+\s
-                               -I/usr/share/qt4/mkspecs/[a-z]+-g\++(?:-64)?
+                               -I\S+/mkspecs/[a-z]+-g\++(?:-64)?
                                \s}x;
             # Ignore false positives when the line contains only CC=gcc but no
             # other gcc command.
@@ -1015,7 +1028,8 @@ LINE:
             }
             next;
         }
-        # Even if it's a verbose build, we might have to skip this line.
+        # Even if it's a verbose build, we might have to skip this line (see
+        # is_non_verbose_build()).
         next if $skip;
 
         # Remove everything until and including the compiler command. Makes
@@ -1477,7 +1491,7 @@ E<lt>jari.aalto@cante.netE<gt> for their valuable input and suggestions.
 
 =head1 LICENSE AND COPYRIGHT
 
-Copyright (C) 2012 by Simon Ruderich
+Copyright (C) 2012-2013 by Simon Ruderich
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by