[arch-dev-public] [PATCH 1/2] Move is_elf function to a utility file
This will lay the ground for the next patch, as this function is useful for more than just the depends module. Signed-off-by: Dan McGee <dan@archlinux.org> --- Namcap/depends.py | 17 +---------------- Namcap/util.py | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 16 deletions(-) create mode 100644 Namcap/util.py diff --git a/Namcap/depends.py b/Namcap/depends.py index 4a3f733..f6cc9b2 100644 --- a/Namcap/depends.py +++ b/Namcap/depends.py @@ -18,6 +18,7 @@ # import re, os, os.path, pacman, subprocess +from Namcap.util import is_elf supported_scripts = ['python', 'perl', 'ruby', 'wish', 'expect', 'tk', 'bash', 'sh', 'dash', 'tcsh', 'pdksh' ] @@ -60,22 +61,6 @@ def figurebitsize(line): else: return 'i686' -def is_elf(path): - """ - Given a file path, ensure it exists and peek at the first few bytes - to determine if it is an ELF file. - """ - if not os.path.isfile(path): - return False - fd = open(path) - bytes = fd.read(4) - fd.close() - # magic elf header, present in binaries and libraries - if bytes == "\x7FELF": - return True - else: - return False - def scanlibs(data, dirname, names): """ Walk over all the files in the package and run "readelf -d" on them. diff --git a/Namcap/util.py b/Namcap/util.py new file mode 100644 index 0000000..6089a4b --- /dev/null +++ b/Namcap/util.py @@ -0,0 +1,38 @@ +# +# namcap rules - utility functions +# Copyright (C) 2009 Dan McGee <dan@archlinux.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +import os + +def is_elf(path): + """ + Given a file path, ensure it exists and peek at the first few bytes + to determine if it is an ELF file. + """ + if not os.path.isfile(path): + return False + fd = open(path) + bytes = fd.read(4) + fd.close() + # magic elf header, present in binaries and libraries + if bytes == "\x7FELF": + return True + else: + return False + +# vim: set ts=4 sw=4 noet: -- 1.6.4.4
The rpath module is another one that exhibits rather poor behavior, as it also tried to call readelf on things that didn't make sense at all. Squash this and get some big gains on packages with a lot of files. As a point of reference, running all modules on 4 varying packages has gone from 29.7 seconds to 5.0 seconds. Signed-off-by: Dan McGee <dan@archlinux.org> --- Namcap/elffiles.py | 4 ++-- Namcap/rpath.py | 15 +++++++++------ 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/Namcap/elffiles.py b/Namcap/elffiles.py index ac6a29d..7e69668 100644 --- a/Namcap/elffiles.py +++ b/Namcap/elffiles.py @@ -19,7 +19,7 @@ import os import re - +from Namcap.util import is_elf process = lambda s: re.search("/tmp/namcap\.[0-9]*/(.*)", s).group(1) @@ -35,7 +35,7 @@ def scanelf(invalid_elffiles,dirname,names): valid_dir_found = False # Checking for ELF files - if os.path.isfile(file_path) and file(file_path).read(4)=='\x7fELF': + if is_elf(file_path): for f in valid_dirs: if ('/' + process(file_path)).startswith(f): valid_dir_found = True diff --git a/Namcap/rpath.py b/Namcap/rpath.py index 530771c..faf6d3e 100644 --- a/Namcap/rpath.py +++ b/Namcap/rpath.py @@ -18,6 +18,7 @@ # import pacman, os, subprocess, re +from Namcap.util import is_elf process = lambda s: re.search("/tmp/namcap\.[0-9]*/(.*)", s).group(1) @@ -26,15 +27,17 @@ def checkrpath(insecure_rpaths, dirname, names): allowed = ['/usr/lib'] warn = ['/usr/local/lib'] + libpath = re.compile('Library rpath: \[(.*)\]') for i in names: - if os.path.isfile(dirname+'/'+i): - var = subprocess.Popen('readelf -d ' + dirname+'/'+i, + mypath = dirname + '/' + i + if is_elf(mypath): + var = subprocess.Popen('readelf -d ' + mypath, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate() for j in var[0].split('\n'): - n = re.search('Library rpath: \[(.*)\]', j) + n = libpath.search(j) # Is this a Library rpath: line? if n != None: if ":" in n.group(1): @@ -43,10 +46,10 @@ def checkrpath(insecure_rpaths, dirname, names): rpaths=[n.group(1)] for path in rpaths: if path not in allowed: - insecure_rpaths[0].append(process(dirname+'/'+i)) + insecure_rpaths[0].append(process(mypath)) break - if path in warn and process(dirname + "/" + i) not in insecure_rpaths: - insecure_rpaths[1].append(process(dirname+'/'+i)) + if path in warn and process(mypath) not in insecure_rpaths: + insecure_rpaths[1].append(process(mypath)) class package: def short_name(self): -- 1.6.4.4
participants (1)
-
Dan McGee