Patchwork [V2,5/7] insane.bbclass: make the checking stricter for unsafe references in scripts

mail settings
Date Nov. 13, 2013, 6:23 a.m.
Message ID <>
Download mbox | patch
Permalink /patch/61587/
State New
Headers show

Comments - Nov. 13, 2013, 6:23 a.m.
From: Chen Qi <>

Previously, the checking for unsafe references is not strict enough. It
only checks whether '/usr/' is in the script. As a result, any script
containing statements like below will match this check.


However, as we can see, this is actually not an unsafe reference. What
we really want to check is something like '/usr/bin/tail', so we should
make the checking stricter.

This patch solves the QA warning in gzip and nfs-utils.

Signed-off-by: Chen Qi <>
 meta/classes/insane.bbclass |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index eb440c2..281af95 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -367,7 +367,7 @@  def package_qa_check_unsafe_references_in_scripts(path, name, d, elf, messages):
 		if bool(statinfo.st_mode & stat.S_IXUSR):
 			# grep shell scripts for possible references to /exec_prefix/
 			exec_prefix = d.getVar('exec_prefix', True)
-			statement = "grep -e '%s/' %s > /dev/null" % (exec_prefix, path)
+			statement = "grep -e '%s/[^ :]\{1,\}/[^ :]\{1,\}' %s > /dev/null" % (exec_prefix, path)
 			if, shell=True) == 0:
 				error_msg = pn + ": Found a reference to %s/ in %s" % (exec_prefix, path)
 				package_qa_handle_error("unsafe-references-in-scripts", error_msg, d)