[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] maint: avoid future setgid problems



* cfg.mk (sc_prohibit_setuid)
(exclude_file_name_regexp--sc_prohibit_setuid): New rule.
(VC_LIST_ALWAYS_EXCLUDE_REGEX): Always exempt po files.
(exclude_file_name_regexp--sc_prohibit_asprintf): Simplify.
(exclude_file_name_regexp--sc_prohibit_can_not): Drop.
(exclude_file_name_regexp--sc_prohibit_doubled_word): Likewise.
---

Tested by temporarily reverting commit 5e09aea7.

 cfg.mk |   16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/cfg.mk b/cfg.mk
index c2230b8..a5f343f 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -74,7 +74,7 @@ local-checks-to-skip =			\
   sc_useless_cpp_parens

 # Files that should never cause syntax check failures.
-VC_LIST_ALWAYS_EXCLUDE_REGEX = ^(HACKING|docs/news\.html\.in)$$
+VC_LIST_ALWAYS_EXCLUDE_REGEX = (^(HACKING|docs/news\.html\.in)|\.po)$$

 # Functions like free() that are no-ops on NULL arguments.
 useless_free_options =				\
@@ -290,6 +290,12 @@ sc_prohibit_asprintf:
 	halt='use virAsprintf, not as'printf				\
 	  $(_sc_search_regexp)

+# Prefer virSetUIDGID.
+sc_prohibit_setuid:
+	@prohibit='\<set(re)?[ug]id\> *\('				\
+	halt='use virSetUIDGID, not raw set*id'				\
+	  $(_sc_search_regexp)
+
 # Use snprintf rather than s'printf, even if buffer is provably large enough,
 # since gnulib has more guarantees for snprintf portability
 sc_prohibit_sprintf:
@@ -607,15 +613,11 @@ exclude_file_name_regexp--sc_prohibit_always_true_header_tests = \
   (^docs|^python/(libvirt-override|typewrappers)\.c$$)

 exclude_file_name_regexp--sc_prohibit_asprintf = \
-  ^(bootstrap.conf$$|po/|src/util/util\.c$$|examples/domain-events/events-c/event-test\.c$$)
-
-exclude_file_name_regexp--sc_prohibit_can_not = ^po/
+  ^(bootstrap.conf$$|src/util/util\.c$$|examples/domain-events/events-c/event-test\.c$$)

 exclude_file_name_regexp--sc_prohibit_close = \
   (\.p[yl]$$|^docs/|(src/util/files\.c|src/libvirt\.c)$$)

-exclude_file_name_regexp--sc_prohibit_doubled_word = ^po/
-
 exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = \
   (^docs/api_extension/|^tests/qemuhelpdata/|\.(gif|ico|png)$$)

@@ -635,6 +637,8 @@ exclude_file_name_regexp--sc_prohibit_nonreentrant = \

 exclude_file_name_regexp--sc_prohibit_readlink = ^src/util/util\.c$$

+exclude_file_name_regexp--sc_prohibit_setuid = ^src/util/util\.c$$
+
 exclude_file_name_regexp--sc_prohibit_sprintf = ^(docs/|HACKING$$)

 exclude_file_name_regexp--sc_prohibit_strncpy = \
-- 
1.7.4.4


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]