From: Ujjwal Kumar <ujjwalkumar0501@gmail.com>
To: Joe Perches <joe@perches.com>, Lukas Bulwahn <lukas.bulwahn@gmail.com>
Cc: linux-kernel-mentees@lists.linuxfoundation.org,
linux-kernel@vger.kernel.org
Subject: Re: [Linux-kernel-mentees] [RFC PATCH] checkpatch: add shebang check to EXECUTE_PERMISSIONS
Date: Mon, 12 Oct 2020 19:22:47 +0530 [thread overview]
Message-ID: <5a3fc45f-e5d7-da3d-4b4b-2a23512ff8de@gmail.com> (raw)
In-Reply-To: <63053585d41ff81cdaad6cb727eb83d81207041a.camel@perches.com>
On 12/10/20 11:47 am, Joe Perches wrote:
> On Mon, 2020-10-12 at 11:19 +0530, Ujjwal Kumar wrote:
>> checkpatch.pl checks for invalid EXECUTE_PERMISSIONS on source
>> files. The script leverages filename extensions and its path in
>> the repository to decide whether to allow execute permissions on
>> the file or not.
>>
>> Based on current check conditions, a perl script file having
>> execute permissions, without '.pl' extension in its filename
>> and not belonging to 'scripts/' directory is reported as ERROR
>> which is a false-positive.
>>
>> Adding a shebang check along with current conditions will make
>> the check more generalised and improve checkpatch reports.
>> To do so, without breaking the core design decision of checkpatch,
>> we can fetch the first line from the patch itself and match it for
>> a shebang pattern.
>>
>> There can be cases where the first line is not part of the patch.
>
> For instance: a patch that only changes permissions
> without changing any of the file content.
>
>>
>> In that case there may be a false-positive report but in the end we
>> will have less false-positives as we will be handling some of the
>> unhandled cases.
>
>> Signed-off-by: Ujjwal Kumar <ujjwalkumar0501@gmail.com>
>> ---
>> Apologies, I forgot to include linux-kernel@vger.kernel.org so I'm
>> now resending.
>>
>> scripts/checkpatch.pl | 19 +++++++++++++++++++
>> 1 file changed, 19 insertions(+)
>>
>> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> []
>> @@ -1795,6 +1795,23 @@ sub get_stat_here {
>> return $herectx;
>> }
>
> First some style trivia:
>
>> +sub get_shebang {
>> + my ($linenr, $realfile) = @_;
>> + my $rawline = "";
>> + my $shebang = "";
>> +
>> + $rawline = raw_line($linenr, 3);
>> + if (defined $rawline &&
>> + $rawline =~ /^\@\@ -\d+(?:,\d+)? \+(\d+)(,(\d+))? \@\@/) {
>
> alignment to open parenthesis please
>
>> + if (defined $1 && $1 == 1) {
>> + $shebang = raw_line($linenr, 4);
>> + $shebang = substr $shebang, 1;
>
> parentheses around substr please.
>
>> + }
>> + }
>> +
>> + return $shebang;
>> +}
>
> And some real notes:
>
> $realfile isn't used in this function so there doesn't
> seem to be a reason to have it as an function argument.
>
>> +
>> sub cat_vet {
>> my ($vet) = @_;
>> my ($res, $coded);
>> @@ -2680,7 +2697,9 @@ sub process {
>> # Check for incorrect file permissions
>> if ($line =~ /^new (file )?mode.*[7531]\d{0,2}$/) {
>
> probably better here to use a capture group for the permissions
>
> if ($line =~ /^new (?:file )?mode (\d+)$/) {
> my $mode = substr($1, -3);
This
>
>> my $permhere = $here . "FILE: $realfile\n";
>> + my $shebang = get_shebang($linenr, $realfile);
>> if ($realfile !~ m@scripts/@ &&
>
> Maybe remove the $realfile directory test as
> there are many source files that are not scripts
> in this directory and its subdirectories.
this
>
>> + $shebang !~ /^#!\s*(\/\w)+.*/ &&
>
> unnecessary capture group
>
> and add
>
> $mode =~ /[1357]/ &&
this
>
>> $realfile !~ /\.(py|pl|awk|sh)$/) {
>
> No need for a a capture group here either. (existing defect)
and this.
>
>> ERROR("EXECUTE_PERMISSIONS",
>> "do not set execute permissions for source files\n" . $permhere);
>
>
>
Should these new changes go as a separate patch or can they be
included in the next iteration of this patch?
Thanks
Ujjwal Kumar
_______________________________________________
Linux-kernel-mentees mailing list
Linux-kernel-mentees@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees
next prev parent reply other threads:[~2020-10-12 13:52 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-12 5:49 [Linux-kernel-mentees] [RFC PATCH] checkpatch: add shebang check to EXECUTE_PERMISSIONS Ujjwal Kumar
2020-10-12 6:17 ` Joe Perches
2020-10-12 13:52 ` Ujjwal Kumar [this message]
2020-10-12 14:16 ` Lukas Bulwahn
2020-10-12 15:23 ` Joe Perches
2020-10-12 15:08 ` Joe Perches
-- strict thread matches above, loose matches on Subject: below --
2020-10-12 4:36 Ujjwal Kumar
2020-10-12 5:25 ` Lukas Bulwahn
2020-10-11 16:21 Ujjwal Kumar
2020-10-11 16:40 ` Ujjwal Kumar
2020-10-11 17:50 ` Lukas Bulwahn
2020-10-11 18:14 ` Ujjwal Kumar
2020-10-11 18:19 ` Lukas Bulwahn
2020-10-11 18:32 ` Ujjwal Kumar
2020-10-11 18:35 ` Lukas Bulwahn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5a3fc45f-e5d7-da3d-4b4b-2a23512ff8de@gmail.com \
--to=ujjwalkumar0501@gmail.com \
--cc=joe@perches.com \
--cc=linux-kernel-mentees@lists.linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lukas.bulwahn@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).