Properly handle quoted flags

Add an additional test to make sure we won't accidentally accept
environment variables as flags.

This does not fix Debian bug #975650. For that environment variables
must be properly handled.

diff --git a/MANIFEST b/MANIFEST
index a453de435100843c93f1ed7e6cea3c4e2ccc573b..8a27a0b69818992174e30aa2e3d0a80bdb30f0da 100644 (file)
--- a/MANIFEST
+++ b/MANIFEST
@@ -48,6 +48,7 @@ t/logs/debug-build
 t/logs/dpkg-buildpackage-architecture-new
 t/logs/dpkg-buildpackage-architecture-old
 t/logs/empty
+t/logs/env
 t/logs/false-positives
 t/logs/fortran
 t/logs/fortran-no-build-deps

diff --git a/NEWS b/NEWS
index 1d73ccd4a04fe3966fbe05ac9bc2fdb6b02e8406..2ff705516db37336b309efe4a4a0863b946b7c91 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,8 @@ Version 0.XX
 - Fix false positives from cmake which probes for compiler flags without
   setting CPPFLAGS; reported and suggested fix by Joao Eriberto Mota Filho
   (Debian Bug #994154).
+- Properly handle quoted flags; reported by Olek Wojnar (see Debian Bug
+  #975650 message 45).
 
 
 Version 0.12

diff --git a/bin/blhc b/bin/blhc
index 8606368f9f34e112582c4fe3a7a4ef02477b794d..2f8da5f2c4efdda473a2e3d414f98e65f3d796c8 100755 (executable)
--- a/bin/blhc
+++ b/bin/blhc
@@ -616,7 +616,7 @@ sub compile_flag_regexp {
     my @result = ();
     foreach my $flag (@flags) {
         # Compile flag regexp for faster execution.
-        my $regex = qr/\s$flag(?:\s|\\)/;
+        my $regex = qr/\s(['"]?)$flag\1(?:\s|\\)/;
 
         # Store flag name in replacement string for correct flags in messages
         # with qr//ed flag regexps.

diff --git a/t/logs/env b/t/logs/env
new file mode 100644 (file)
index 0000000..6b2a908
--- /dev/null
+++ b/t/logs/env
@@ -0,0 +1,3 @@
+dpkg-buildpackage: source package test
+
+VERSION=v-amd64-linux CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h

diff --git a/t/logs/false-positives b/t/logs/false-positives
index a9e461b1c92c3a4ee075c323e59f1c7535787d67..1db4f0450fa6ec4456759b8aab9250943cc1a1e3 100644 (file)
--- a/t/logs/false-positives
+++ b/t/logs/false-positives
@@ -74,3 +74,5 @@ mv -f /build/nvidia-cuda-toolkit-10.1.243/debian/tmp/usr/lib/x86_64-linux-gnu/`g
 (cd ../c-libs/posix-os; make VERSION="v-amd64-linux" MAKE="make" CC="gcc -std=gnu99 -Wall" CFLAGS="-O2 -m64 -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z,relro" DEFS="-DARCH_AMD64 -DSIZE_64 -DOPSYS_UNIX -DOPSYS_LINUX -D_GNU_SOURCE -DGNU_ASSEMBLER -DDLOPEN -DINDIRECT_CFUNC" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" LDFLAGS="-Wl,-z,relro" AR="ar" ARFLAGS="rcv" RANLIB="ranlib" INCLUDES="-I../../objs -I../../include -I.." libposix-os.a)
 
 /usr/lib/ccache/c++ -dM -E -c /usr/share/cmake-3.16/Modules/CMakeCXXCompilerABI.cpp -DKCOREADDONS_LIB -DQT_CORE_LIB -DQT_GUI_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -DQT_QML_LIB -DQT_QUICK_LIB -DQT_WIDGETS_LIB -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -Dlatte2plugin_EXPORTS -I/builds/qt-kde-team/extras/latte-dock/debian/output/latte-dock-0.9.11/obj-x86_64-linux-gnu/liblatte2 -I/builds/qt-kde-team/extras/latte-dock/debian/output/latte-dock-0.9.11/liblatte2 -I/usr/include/x86_64-linux-gnu/qt5 -I/usr/include/x86_64-linux-gnu/qt5/QtQuick -I/usr/include/x86_64-linux-gnu/qt5/QtQml -I/usr/include/x86_64-linux-gnu/qt5/QtNetwork -I/usr/include/x86_64-linux-gnu/qt5/QtCore -I/usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++ -I/usr/include/x86_64-linux-gnu/qt5/QtGui -I/usr/include/KF5/KCoreAddons -I/usr/include/KF5 -I/usr/include/KF5/Plasma -I/usr/include/KF5/KService -I/usr/include/KF5/KConfigCore -I/usr/include/KF5/KPackage -I/usr/include/KF5/KWindowSystem -I/usr/include/x86_64-linux-gnu/qt5/QtWidgets -I/usr/include/KF5/KDeclarative -I/usr/include/KF5/KIconThemes -I/usr/include -I/usr/include/c++/9 -I/usr/include/x86_64-linux-gnu/c++/9 -I/usr/include/c++/9/backward -I/usr/lib/gcc/x86_64-linux-gnu/9/include -I/usr/local/include -I/usr/include/x86_64-linux-gnu
+
+(cd /tmp/bazel_7uh2rFwh/out/execroot/io_bazel && \   exec env - \     CCACHE_DISABLE=1 \     CCACHE_TEMPDIR=/builds/bazel-team/bazel-bootstrap/debian/output/source_dir/debian/ccachetmp \     LD_LIBRARY_PATH=/usr/lib/libeatmydata \     PATH=/usr/lib/ccache/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \     PWD=/proc/self/cwd \   /usr/lib/ccache/gcc -U_FORTIFY_SOURCE -fstack-protector -Wall -Wunused-but-set-parameter -Wno-free-nonheap-object -fno-omit-frame-pointer -g '-std=c++0x' -Wdate-time '-D_FORTIFY_SOURCE=2' -g -O2 '-ffile-prefix-map=/builds/bazel-team/bazel-bootstrap/debian/output/source_dir=.' -fstack-protector-strong -Wformat '-Werror=format-security' -MD -MF bazel-out/k8-dbg/bin/src/main/cpp/util/_objs/md5/md5.pic.d '-frandom-seed=bazel-out/k8-dbg/bin/src/main/cpp/util/_objs/md5/md5.pic.o' -fPIC -iquote . -iquote bazel-out/k8-dbg/bin -fno-canonical-system-headers -Wno-builtin-macro-redefined '-D__DATE__="redacted"' '-D__TIMESTAMP__="redacted"' '-D__TIME__="redacted"' -c src/main/cpp/util/md5.cc -o bazel-out/k8-dbg/bin/src/main/cpp/util/_objs/md5/md5.pic.o)

diff --git a/t/tests.t b/t/tests.t
index 5996604ae1443d2e3e24b245c3949d4a00e650df..b4c0352f0caac860b92c9bb618acd3d05bb27cab 100644 (file)
--- a/t/tests.t
+++ b/t/tests.t
@@ -19,7 +19,7 @@
 use strict;
 use warnings;
 
-use Test::More tests => 244;
+use Test::More tests => 246;
 
 
 sub is_blhc {
@@ -633,6 +633,10 @@ CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -g -O2 -fstack-protector-strong -Wfo
 LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector-strong -Wformat -Wformat-security -Werror=format-security test.c -o lib`basename test/test`.so
 ';
 
+is_blhc 'env', '--all', 8,
+        'CPPFLAGS missing (-D_FORTIFY_SOURCE=2): VERSION=v-amd64-linux CPP="gcc -x assembler-with-cpp -E -P -Wdate-time -D_FORTIFY_SOURCE=2" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" ../../config/gen-posix-names.sh _SC_ ml_sysconf.h
+';
+
 
 # check the build log is verbose