On Mon, Mar 09, 2020 at 10:12:26AM -0400, David Cantrell wrote:
> In this case, the blacklisted functions are listed in
> /etc/rpminspect/rpminspect.conf as the value of the elf_ipv6_blacklist. That
> looks like this in rpminspect-data-fedora:
>
> elf_ipv6_blacklist = "gethostbyname gethostbyname2 gethostbyaddr inet_addr
> inet_aton inet_nsap_addr inet_ntoa inet_nsap_ntoa inet_makeaddr inet_netof
> inet_network inet_neta inet_net_ntop inet_net_pton rcmd rexec rresvport"
Thanks. I'd suggest to be very specific in the report, and always including
the name of the offending function. Something like
"message: /usr/lib/systemd/tests/test-dhcp-client uses function inet_addr()
which
is unsuitable for IPv6".
So it seems rpminspect doesn't like the following code:
src/network/test-network.c:63:
assert_se(routes[0].dst_addr.s_addr == inet_addr("192.168.0.0"));
src/network/test-network.c:64:
assert_se(routes[0].gw_addr.s_addr == inet_addr("192.168.0.1"));
src/network/test-network.c:67:
assert_se(routes[1].dst_addr.s_addr == inet_addr("10.1.2.0"));
src/network/test-network.c:68:
assert_se(routes[1].gw_addr.s_addr == inet_addr("10.1.2.1"));
src/network/test-network.c:71:
assert_se(routes[2].dst_addr.s_addr == inet_addr("0.0.0.0"));
src/network/test-network.c:72:
assert_se(routes[2].gw_addr.s_addr == inet_addr("10.0.1.1"));
src/network/test-network.c:84:
assert_se(routes[0].dst_addr.s_addr == inet_addr("192.168.0.0"));
src/network/test-network.c:85:
assert_se(routes[0].gw_addr.s_addr == inet_addr("192.168.0.1"));
src/network/test-network.c:88:
assert_se(routes[1].dst_addr.s_addr == inet_addr("0.0.0.0"));
src/network/test-network.c:89:
assert_se(routes[1].gw_addr.s_addr == inet_addr("10.0.1.1"));
src/resolve/test-dnssec.c:327: a->a.in_addr.s_addr =
inet_addr("52.0.14.116");
src/resolve/test-resolved-etc-hosts.c:81:
assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.4")));
src/resolve/test-resolved-etc-hosts.c:82:
assert_se(address_equal_4(bn->addresses[1], inet_addr("1.2.3.5")));
src/resolve/test-resolved-etc-hosts.c:88:
assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.6")));
src/resolve/test-resolved-etc-hosts.c:93:
assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.6")));
src/resolve/test-resolved-etc-hosts.c:102:
assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.9")));
src/resolve/test-resolved-etc-hosts.c:103:
assert_se(address_equal_4(bn->addresses[1], inet_addr("1.2.3.10")));
src/resolve/test-resolved-etc-hosts.c:104:
assert_se(address_equal_4(bn->addresses[2], inet_addr("1.2.3.11")));
src/resolve/test-resolved-etc-hosts.c:105:
assert_se(address_equal_4(bn->addresses[3], inet_addr("1.2.3.12")));
The code is OK as is, it's just doing resolution of fixed addresses for testing
purposes.
RFE: filter out reports for anything with "test" in the name.
That'd cut down on various false positives a lot.
> /etc/rpminspect/rpminspect.conf
So that is a global config file...
RFE: move it under /usr, and only look for overrides in /etc.
99% of users should not modify that, and it shouldn't be in /etc.
I certainly don't want to modify global rpminspect config. How do
I silence those results just for the systemd package?
Zbyszek
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
