X-Git-Url: https://ruderich.org/simon/gitweb/?p=blhc%2Fblhc.git;a=blobdiff_plain;f=bin%2Fblhc;h=9ed648aa1a7be09fabffa22514b7cabb35a87166;hp=c7457d2c79c1f4780741d60e5cc25725794fc2c4;hb=22380d5ef99ff37e3c96070d65f01c34a8f0ba82;hpb=19728cda633b5ab8e207a95bb22c5b526bd239c4
diff --git a/bin/blhc b/bin/blhc
index c7457d2..9ed648a 100755
--- a/bin/blhc
+++ b/bin/blhc
@@ -570,7 +570,8 @@ if ($option_help) {
Pod::Usage::pod2usage(1);
}
if ($option_version) {
- print "blhc $VERSION Copyright (C) 2012-2013 Simon Ruderich
+ print <<"EOF";
+blhc $VERSION Copyright (C) 2012-2013 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -584,7 +585,7 @@ GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
-";
+EOF
exit 0;
}
@@ -687,8 +688,13 @@ foreach my $file (@ARGV) {
# only, doesn't use the dpkg-buildpackage header. Necessary to ignore
# build logs which aren't built (wrong architecture, build error,
# etc.).
- if (not $arch and index($line, 'Architecture: ') == 0) {
- $arch = substr $line, 14, -1; # -1 to ignore '\n' at the end
+ if (not $arch) {
+ if (index($line, 'Build Architecture: ') == 0) {
+ $arch = substr $line, 20, -1; # -1 to ignore '\n' at the end
+ # For old logs (sbuild << 0.63.0-1).
+ } elsif (index($line, 'Architecture: ') == 0) {
+ $arch = substr $line, 14, -1; # -1 to ignore '\n' at the end
+ }
}
# dpkg-buildflags only provides hardening flags since 1.16.1, don't
@@ -728,9 +734,11 @@ foreach my $file (@ARGV) {
}
}
- # Debian's build daemons use Build-Depends: for the build
- # dependencies, but pbuilder just uses Depends:; support both.
- if (index($line, 'Build-Depends: ') == 0
+ # Debian's build daemons use "Filtered Build-Depends:" (or just
+ # "Build-Depends:" in older versions) for the build dependencies, but
+ # pbuilder uses "Depends:"; support both.
+ if (index($line, 'Filtered Build-Depends: ') == 0
+ or index($line, 'Build-Depends: ') == 0
or index($line, 'Depends: ') == 0) {
# If hardening wrapper is used (wraps calls to gcc and adds
# hardening flags automatically) we can't perform any checks,
@@ -919,7 +927,7 @@ foreach my $file (@ARGV) {
# Option or auto detected.
if ($arch) {
- # The following was partially copied from dpkg-dev 1.16.4.3
+ # The following was partially copied from dpkg-dev 1.17.1
# (/usr/share/perl5/Dpkg/Vendor/Debian.pm, add_hardening_flags()),
# copyright Raphaël Hertzog , Kees Cook
# , Canonical, Ltd. licensed under GPL version 2 or
@@ -929,7 +937,12 @@ foreach my $file (@ARGV) {
my ($abi, $os, $cpu) = Dpkg::Arch::debarch_to_debtriplet($arch);
# Disable unsupported hardening options.
- if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa)$/ or $arch eq 'arm') {
+ if ($os !~ /^(?:linux|knetbsd|hurd)$/ or
+ $cpu =~ /^(?:hppa|mips|mipsel|avr32)$/) {
+ $harden_pie = 0;
+ }
+ if ($cpu =~ /^(?:ia64|alpha|mips|mipsel|hppa|arm64)$/
+ or $arch eq 'arm') {
$harden_stack = 0;
}
if ($cpu =~ /^(?:ia64|hppa|avr32)$/) {
@@ -971,8 +984,8 @@ foreach my $file (@ARGV) {
# Stores normal CFLAGS when @cflags_ada are temporarily used.
my @cflags_backup;
- # Ada CFLAGS.
- my @cflags_ada = @cflags;
+ # Ada CFLAGS, only set if ada is used.
+ my @cflags_ada;
# Ada doesn't support format hardening flags, see #680117 for more
# information. Filter them out if ada is used.
if ($ada and $harden_format) {