Package: devscripts
Version: 2.10.49
User: [email protected]
Usertags: checkbashisms
Hi,
These are some of my findings based on the recent checkbashisms run:
(NOTE: a combined diff is attached)
-----------------
FP:
> possible bashism in
> ./usr/share/pyshared/support-files/setuptools-0.6c9-py2.4.egg line 202
Fix (allow exec to be preceded by 'then'):
@@ -408,7 +409,7 @@ sub script_is_evil_and_wrong {
last if (++$i > 55);
if (m~
# the exec should either be "eval"ed or a new statement
- (^\s*|\beval\s*[\'\"]|(;|&&)\s*)
+ (^\s*|\beval\s*[\'\"]|(;|&&|\bthen)\s*)
# eat anything between the exec and $0
exec\s*.+\s*
-----------------
FP:
> possible bashism in ./usr/share/shorewall6-lite/lib.base line 684 (sourced
> script with arguments):
> . $(find_file $(expand $@))
Workaround (this needs to be fixed by stripping evals, $(), ``, and any other
form of code execution and looking for bashisms in those parts individually):
Apply the same dummy logic used for "" and '' to $()
@@ -281,8 +282,8 @@ foreach my $filename (@ARGV) {
# detect source (.) trying to pass args to the command it runs
# The first expression weeds out '. "foo bar"'
if (not $found and
- not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\')\s*(\&|\||\d?>|<|;|\Z)/
- and m/^\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
+ not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\'|\$\([^)]+\)+)\s*(\&|\||
\d?>|<|;|\Z)/
+ and m/\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
if ($2 =~ /^(\&|\||\d?>|<)/) {
# everything is ok
;
-----------------
FN:
> if something; then . foo bar; else bar; fi
Fix (+ move LEADIN to the global scope):
@@ -281,8 +282,8 @@ foreach my $filename (@ARGV) {
# detect source (.) trying to pass args to the command it runs
# The first expression weeds out '. "foo bar"'
if (not $found and
- not m/^\s*\.\s+(\"[^\"]+\"|\'[^\']+\')\s*(\&|\||\d?>|<|;|\Z)/
- and m/^\s*(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
+ not m/$LEADIN\.\s+(\"[^\"]+\"|\'[^\']+\'|\$\([^)]+\)+)\s*(\&|
\||\d?>|<|;|\Z)/
+ and m/$LEADIN(\.\s+[^\s;\`:]+\s+([^\s;]+))/) {
if ($2 =~ /^(\&|\||\d?>|<)/) {
# everything is ok
;
-----------------
Still to be fixed:
> . $(foo $(bar) moo)
-----------------
FP (new kind of wrapper):
usr/share/doc/systemtap-doc/examples/process/errsnoop.stp:
> #!/bin/sh
> //usr/bin/env stap -DMAXMAPENTRIES=20480 $0 $@; exit $?
> # errsnoop.stp
> ...
-----------------
FP (ref: #530084):
> if false; then foo; else exec something; fi
@@ -408,7 +409,7 @@ sub script_is_evil_and_wrong {
last if (++$i > 55);
if (m~
# the exec should either be "eval"ed or a new statement
- (^\s*|\beval\s*[\'\"]|(;|&&)\s*)
+ (^\s*|\beval\s*[\'\"]|(;|&&|\b(then|else))\s*)
# eat anything between the exec and $0
exec\s*.+\s*
-----------------
FN:
> #!/bin/sh
> cat <<FOO
> hello
> $(echo -e "world\c")
>
> Running on $OSTYPE
> FOO
Only here docs with quoted markers should be ignored.
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
Changed Bug title to `[checkbashisms] Better handle heredocs with non-quoted markers' from `checkbashisms: multiple false positives and false negatives'.
Request was from Adam D. Barratt <[email protected]>
to [email protected].
(Thu, 28 May 2009 18:03:07 GMT) (full text, mbox, link).
Subject: Re: Bug#530907: [checkbashisms] Better handle heredocs with non-quoted markers
Date: Fri, 9 Jul 2010 17:57:46 -0500
Hi,
To clarify, the problem is that checkbashisms currently doesn't look for
certain bashisms in heredocs with non-quoted markers. Such bashisms can occur
inside $(), ``, and when using variables (e.g. $OSTYPE.)
To fully implement this, 530905 needs to be done too.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.