X-Git-Url: https://ruderich.org/simon/gitweb/?p=blhc%2Fblhc.git;a=blobdiff_plain;f=bin%2Fblhc;h=a188c899d775fa742c55758cf260e44bae6690ea;hp=f1580217aaf64f94c482c63d9339cb84d10afed6;hb=573f74bd5133b4ef514c977814955942a91a3614;hpb=6983b7ad21bf01caa6730986502bd17f556da02e
diff --git a/bin/blhc b/bin/blhc
index f158021..a188c89 100755
--- a/bin/blhc
+++ b/bin/blhc
@@ -404,12 +404,6 @@ FILE: foreach my $file (@ARGV) {
 my $harden_bindnow = $option_bindnow; # defaults to 0
 my $harden_pie = $option_pie; # defaults to 0
- # Input lines, contain only the lines with compiler commands.
- my @input = ();
-
- my $start = 0;
- my $continuation = 0;
- my $complete_line = undef;
 while (my $line = <$fh>) {
 # dpkg-buildflags only provides hardening flags since 1.16.1, don't
 # check for hardening flags in buildd mode if an older dpkg-dev is
@@ -417,8 +411,7 @@ FILE: foreach my $file (@ARGV) {
 #
 # Packages which were built before 1.16.1 but used their own hardening
 # flags are not checked.
- if ($option_buildd and not $start
- and $line =~ /^Toolchain package versions: /) {
+ if ($option_buildd and $line =~ /^Toolchain package versions: /) {
 require Dpkg::Version;
 if ($line !~ /dpkg-dev_(\S+)/
 or Dpkg::Version::version_compare($1, '1.16.1') < 0) {
@@ -433,7 +426,7 @@ FILE: foreach my $file (@ARGV) {
 # If hardening wrapper is used (wraps calls to gcc and adds hardening
 # flags automatically) we can't perform any checks, abort.
- if (not $start and $line =~ /^Build-Depends: .*\bhardening-wrapper\b/) {
+ if ($line =~ /^Build-Depends: .*\bhardening-wrapper\b/) {
 error_hardening_wrapper();
 $exit |= 1 << 4;
 next FILE;
@@ -441,8 +434,15 @@ FILE: foreach my $file (@ARGV) {
 # We skip over unimportant lines at the beginning of the log to
 # prevent false positives.
- $start = 1 if $line =~ /^dpkg-buildpackage:/;
- next if not $start;
+ last if $line =~ /^dpkg-buildpackage:/;
+ }
+
+ # Input lines, contain only the lines with compiler commands.
+ my @input = ();
+
+ my $continuation = 0;
+ my $complete_line = undef;
+ while (my $line = <$fh>) {
 # And stop at the end of the build log. Package details (reported by
 # the buildd logs) are not important for us. This also prevents false
 # positives.
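Review bot: The new header loop ends either at the `dpkg-buildpackage:` line or at end of file, and the code below it cannot tell which happened: a truncated log, or one without that marker, leaves the second `while` with nothing to read and `@input` empty. For a hardening checker that is the case most likely to end as a silent pass, so I would record the marker with `my $seen_start = 0;` before the loop and `if ($line =~ /^dpkg-buildpackage:/) { $seen_start = 1; last; }` inside it, and report the file when `$seen_start` is still 0. Whether an empty `@input` is already reported further down is not visible here; the second loop's body continues outside the hunk.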