# Tests for blhc.
#
-# Copyright (C) 2012 Simon Ruderich
+# Copyright (C) 2012-2013 Simon Ruderich
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
use strict;
use warnings;
-use Test::More tests => 194;
+use Test::More tests => 212;
sub is_blhc {
$usage;
is_blhc '', '--version', 0,
- 'blhc 0.02 Copyright (C) 2012 Simon Ruderich
+ 'blhc 0.04 Copyright (C) 2012-2013 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
/s;
is_blhc 'doesnt-exist', '', 2,
- qr{^No such file or directory at \./bin/blhc line \d+\.$};
+ qr{^No such file: \./t/logs/doesnt-exist at \./bin/blhc line \d+\.$};
# No compiler commands found.
my $bad_ldflags =
'LDFLAGS missing (-Wl,-z,relro): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '', 8,
$bad_ldflags;
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-b.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-c.c
LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '--bindnow', 8,
'LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '--pie --bindnow', 8,
'CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-a.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-b.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-c.c
LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-multiline', '', 8,
is_blhc 'configure', '', 1,
$empty;
+is_blhc 'configure-check', '', 4,
+ 'NONVERBOSE BUILD: CC = gcc -std=gnu99 -std=gnu99 test.c
+';
+
is_blhc 'make', '', 1,
$empty;
';
+# ada
+
+my $ada = 'CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc-4.6 -c -fPIC -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security test.c
+LDFLAGS missing (-Wl,-z,relro): /usr/bin/gcc-4.6 -shared -lgnat-4.6 -o libtest.so.2 test-a.o test-b.o test-c.o -Wl,--as-needed
+CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -c -g -O2 test.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -c -g -O2 test.c
+CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -g -O2 test.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -g -O2 test.c
+LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 test.c
+';
+is_blhc 'ada', '', 8,
+ $ada;
+is_blhc 'ada-pbuilder', '', 8,
+ $ada;
+
+
# libtool
is_blhc 'libtool', '--bindnow', 8,
CFLAGS missing (-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
LDFLAGS missing (-fPIE -pie -Wl,-z,now): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/sh ../libtool --mode=link gcc -Wl,-z,relro -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+LDFLAGS missing (-fPIE -pie -Wl,-z,now): /bin/sh ../libtool --mode=link gcc -Wl,-z,relro -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/sh ../libtool --mode=link gcc -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): /bin/sh ../libtool --mode=link gcc -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
';
';
+# architecture in older buildd logs
+
+is_blhc 'dpkg-buildpackage-architecture-old', '', 0,
+ '';
+
+
+# correct architecture detection
+
+is_blhc 'buildd-architecture', '', 0, '';
+is_blhc 'buildd-architecture-old', '', 0, '';
+
+
# ignore architecture
is_blhc ['arch-avr32', 'arch-i386', 'empty', 'arch-mipsel'],
';
is_blhc 'debian-hardening-wrapper', '', 16,
$debian_hardening_wrapper;
+is_blhc 'debian-hardening-wrapper-old-build-depends', '', 16,
+ $debian_hardening_wrapper;
+is_blhc 'debian-hardening-wrapper-pbuilder', '', 16,
+ $debian_hardening_wrapper;
# false positives
# buildd support
-is_blhc 'empty', '--buildd', 1,
- 'I-no-compiler-commands
+is_blhc 'empty', '--buildd', 0,
+ 'I-no-compiler-commands||
';
is_blhc 'buildd-package-details', '--buildd', 0,
'';
-is_blhc 'buildd-dpkg-dev', '--buildd', 8,
- 'W-dpkg-buildflags-missing CPPFLAGS 7 (of 7), CFLAGS 6 (of 6), CXXFLAGS 1 (of 1), LDFLAGS 2 (of 2) missing
+is_blhc 'buildd-dpkg-dev', '--buildd', 0,
+ 'W-dpkg-buildflags-missing|CPPFLAGS 7 (of 7), CFLAGS 6 (of 6), CXXFLAGS 1 (of 1), LDFLAGS 2 (of 2) missing|
';
-is_blhc 'buildd-dpkg-dev-old', '--buildd', 8,
- 'W-dpkg-buildflags-missing CFLAGS 3 (of 6), CXXFLAGS 1 (of 1) missing
+is_blhc 'buildd-dpkg-dev-old', '--buildd', 0,
+ 'W-dpkg-buildflags-missing|CFLAGS 3 (of 6), CXXFLAGS 1 (of 1) missing|
';
-is_blhc 'buildd-dpkg-dev-missing', '--buildd', 8,
- 'W-dpkg-buildflags-missing CFLAGS 3 (of 6), CXXFLAGS 1 (of 1) missing
+is_blhc 'buildd-dpkg-dev-missing', '--buildd', 0,
+ 'W-dpkg-buildflags-missing|CFLAGS 3 (of 6), CXXFLAGS 1 (of 1) missing|
';
-is_blhc 'debian-hardening-wrapper', '--buildd', 16,
- 'I-hardening-wrapper-used
+is_blhc 'debian-hardening-wrapper', '--buildd', 0,
+ 'I-hardening-wrapper-used||
+';
+is_blhc 'debian-hardening-wrapper-pbuilder', '--buildd', 0,
+ 'I-hardening-wrapper-used||
';
-is_blhc 'buildd-verbose-build', '--buildd', 4,
- 'W-compiler-flags-hidden 1 (of 5) hidden
+is_blhc 'buildd-verbose-build', '--buildd', 0,
+ 'W-compiler-flags-hidden|1 (of 5) hidden|
';
-is_blhc 'make', '--buildd', 1,
- 'I-no-compiler-commands
+is_blhc 'make', '--buildd', 0,
+ 'I-no-compiler-commands||
';
-is_blhc 'debian-cmake', '--buildd', 32,
- 'I-invalid-cmake-used 2.8.7-1
+is_blhc 'debian-cmake', '--buildd', 0,
+ 'I-invalid-cmake-used|2.8.7-1|
';