On 2014-01-06 23:07, Georges Khaznadar wrote:
> Package: lintian
> Version: 2.5.20
> Severity: normal
> Tags: patch
>
> Dear Maintainer,
> I propose to refine a little the check for warnings in manpages
> Here are my replies to the ordinary questions:
>
Hi, Thanks for reporting this issue. > [...] > > > --- lintian-2.5.20/checks/manpages.pm 2013-11-23 19:04:56.000000000 +0100 > +++ lintian-2.5.20+nmu1/checks/manpages.pm 2014-01-06 23:05:26.040016000 > +0100 > @@ -268,6 +268,13 @@ > if ($dir) { > chdir($dir); > } > + # find the path to man macros if necessary > + my $macro_path=$path; > + $macro_path =~ s{(.*/unpacked).*}{$1}; Looks like you want: my $macro_path = $info->unpacked > + $macro_path = `find $macro_path -type d -name tmac| tr '\\n' > ':'`; If so, we can probably settle this one by quoting the $macro_path variable in the ``. Otherwise, this is a possible CVE (if $macro_path is taken from the package, it is a "trivial" matter creating a file/dir in the package which causes the above line to suffer from shell command injection). Maybe use -print0 if tr supports null -> ":", but that is nitpicking. Alternatively there is File::Find. Personally, I am not familiar with the "tmac" files; are they always expected in a dir called "tmac"? And can they really be anywhere in the package? Or can we narrow it down to say usr/share/ ? > + if ($macro_path){ > + $ENV{GROFF_TMAC_PATH}=$macro_path; > + } > $ENV{MANROFFSEQ} = ''; > $ENV{MANWIDTH} = 80; > exec { $cmd[0] } @cmd > ~Niels
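Review bot: The backtick line that rebuilds $macro_path interpolates the path into a shell command unquoted, so any shell metacharacter in that path is interpreted by the shell. Collecting the directories in Perl with File::Find and joining them with ':' would remove both the shell and the tr pipeline. The directory names returned by find are chosen by the package being checked, so a name containing ':' or a newline would turn into extra GROFF_TMAC_PATH entries; such names should be skipped. The tr call also leaves a trailing ':' on the value whenever at least one directory is found, which should be trimmed before the variable is exported. Finally, the search covers the whole unpacked tree, so every package-supplied directory named tmac ends up on the macro path used for the check; restricting the search to the location where tmac directories are expected would narrow that.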