aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsbolint4
-rw-r--r--sbopkglint.d/75-static_libs.t.sh52
2 files changed, 53 insertions, 3 deletions
diff --git a/sbolint b/sbolint
index bf4b8ae..2d69b74 100755
--- a/sbolint
+++ b/sbolint
@@ -1671,6 +1671,10 @@ sub check_junkfiles {
log_warning("$file is a build log");
next FILE;
};
+ /\.rej$/ && do {
+ log_warning("$file is a patch reject");
+ next FILE;
+ };
/\.desktop$/ && do {
system("desktop-file-validate $file");
if($? != 0) {
diff --git a/sbopkglint.d/75-static_libs.t.sh b/sbopkglint.d/75-static_libs.t.sh
index ae6a4f5..24e7cd2 100644
--- a/sbopkglint.d/75-static_libs.t.sh
+++ b/sbopkglint.d/75-static_libs.t.sh
@@ -12,28 +12,74 @@
# triggered, suggesting removal of the static lib. this is not an error.
# TODO: this will give us file's idea of what's inside a .a archive:
-# $ bsdtar -xOf /usr/lib64/libz.a '*.*' | file -b -
+# $ ar p blah.a | file -Sb -
# ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
# For 32-bit:
# ELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not stripped
+# Note that file needs the -S, seccomp causes file to occasionally fail
+# with 'Bad system call' when working on stdin. No idea why, -S fixes it.
# 'not stripped' is *correct*, don't complain about it! actually maybe
-# it should complain if it *is* stripped, since
+# it should complain if it *is* stripped...?
# Armed with this knowledge, we can do the same kind of arch checks for
# static libs as we do for shared (32-bit belongs in lib, 64 in lib64,
# arch of the static lib should match package's ARCH, etc).
+# Have a look at /usr/lib64/libm.a: it's a linker script. File says it's
+# ASCII text.
+# r0ni says aarch64 does this:
+# ELF 64-bit LSB relocatable, ARM aarch64, version 1 (SYSV), not stripped
+
+check_static_arch() {
+ local lib="$1"
+ local libarch="$2"
+ local libdir="$( dirname "$lib" )"
+ local dir="$( basename "$libdir" )" # lib or lib64
+
+ case "$libarch" in
+ x86) wantdir="lib" ;;
+ x86_64) wantdir="lib64" ;;
+ esac
+}
+
+check_static_lib() {
+ case "$( ar p "$1" | file -Sb - )" in
+ empty) # empty static libs are allowed, but get a 'note'.
+ note "$1 is an empty static library, remove it if not needed by a dependee." ;;
+ LLVM*) ;; # e.g. "LLVM IR bitcode", assume OK.
+ ELF*x86-64*)
+ check_static_arch "$1" x86_64
+ ;;
+ ELF*80386*)
+ check_static_arch "$1" x86
+ ;;
+ # TODO: aarch64
+ *) ;; # dunno, assume OK
+ esac
+}
for libdir in lib lib64 usr/lib usr/lib64; do
if [ -d $libdir ]; then
find_warnfiles "bad static library ownership (should be root:root):" \
-L $libdir -mindepth 1 -maxdepth 1 -name '*.a' \! \( -user root -a -group root \)
+
find_warnfiles "bad static library permissions (should be 0644 or 0444):" \
-L $libdir -mindepth 1 -maxdepth 1 -name '*.a' \! \( -perm 444 -o -perm 644 \)
+
find $libdir -mindepth 1 -maxdepth 1 -name '*.a' | while read static; do
ftype="$( file -L -b --mime-type "$static" )"
+
case "$ftype" in
- "application/x-archive") ;; # OK
+ "application/x-archive")
+ check_static_lib "$static" ;;
+ "application/x-executable")
+ warn "$static is an executable, not a static library." ;;
+ "application/x-object")
+ warn "$static is a shared library (.so), not a static library." ;;
+ "text/plain")
+ # TODO: check that this is a valid linker script (when I learn how). for now, ignore.
+ ;;
*) warn "$static is not a valid static library. MIME type is '$ftype'." ;;
esac
+
shared=$libdir/"$( basename "$static" .a)".so
if [ -e "$shared" ]; then
shname="$( basename "$shared" )"