lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190906090439.37b8d334@coco.lan>
Date:   Fri, 6 Sep 2019 09:04:39 -0300
From:   Mauro Carvalho Chehab <mchehab+samsung@...nel.org>
To:     Linux Media Mailing List <linux-media@...r.kernel.org>
Cc:     Mauro Carvalho Chehab <mchehab@...radead.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Joe Perches <joe@...ches.com>, linux-kernel@...r.kernel.org,
        Jonathan Corbet <corbet@....net>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Sven Eckelmann <sven@...fation.org>,
        Thierry Reding <treding@...dia.com>,
        Aurélien Cedeyn <aurelien.cedeyn@...il.com>,
        Uwe Kleine-König 
        <u.kleine-koenig@...gutronix.de>,
        Thomas Gleixner <tglx@...utronix.de>,
        Vincenzo Frascino <vincenzo.frascino@....com>
Subject: [PATCH v2 6/6] scripts/spdxcheck.py: check if the line number
 follows the strict rule

There is a very strict rule saying on what line a SPDX header
should be. Add an optional pedantic check for it.

When the check is enabled, it will verify if the file has the
SPDX header "at the first possible line in a file which can contain
a comment", as stated at:

	Documentation/process/license-rules.rst

Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung@...nel.org>

diff --git a/scripts/spdxcheck.py b/scripts/spdxcheck.py
index c969b050366f..920cceb0d036 100755
--- a/scripts/spdxcheck.py
+++ b/scripts/spdxcheck.py
@@ -164,9 +164,18 @@ class id_parser(object):
         self.lastid = None
         self.parser.parse(expr, lexer = self.lexer)
 
-    def parse_lines(self, fd, maxlines, fname):
+    def parse_lines(self, fd, maxlines, fname, strict):
         self.checked += 1
         self.curline = 0
+        self.max_line = 1
+        self.is_python = False
+
+        if fname.endswith(".py"):
+            self.is_python = True
+
+        if fname.find("COPYING") >= 0:
+            self.max_line = maxlines
+
         try:
             for line in fd:
                 line = line.decode(locale.getpreferredencoding(False), errors='ignore')
@@ -174,6 +183,13 @@ class id_parser(object):
                 if self.curline > maxlines:
                     break
                 self.lines_checked += 1
+                if self.curline == 1:
+		    if re.match("\#\!", line):
+                        self.max_line = 2
+			if re.match("\#\!.*python", line):
+			    is_python = True
+                if self.curline <= 2 and self.is_python and re.match("^[ \t\f]*#.*?coding[:=][ \t]*([-_.a-zA-Z0-9]+)", line):
+                        self.max_line += 1
                 if line.find("SPDX-License-Identifier:") < 0:
                     continue
                 expr = line.split(':')[1].strip()
@@ -189,6 +205,8 @@ class id_parser(object):
                 # Should we check for more SPDX ids in the same file and
                 # complain if there are any?
                 #
+                if strict and self.curline > self.max_line:
+                    sys.stderr.write('Warning: SPDX header for file %s is at line %d\n' % (fname,self.curline))
                 return self.curline - 1
 
             return -1
@@ -202,7 +220,7 @@ class id_parser(object):
                 sys.stdout.write('%s: %d:0 %s\n' %(fname, self.curline, col, pe.txt))
             self.spdx_errors += 1
 
-def scan_git_tree(ln_count, tree):
+def scan_git_tree(ln_count, tree, strict):
     for el in tree.traverse():
         # Exclude stuff which would make pointless noise
         # FIXME: Put this somewhere more sensible
@@ -213,15 +231,15 @@ def scan_git_tree(ln_count, tree):
         if not os.path.isfile(el.path):
             continue
         with open(el.path, 'rb') as fd:
-            ln = parser.parse_lines(fd, args.maxlines, el.path)
+            ln = parser.parse_lines(fd, args.maxlines, el.path, strict)
             if ln >= 0:
                 ln_count[ln] += 1;
     return ln_count
 
-def scan_git_subtree(ln_count, tree, path):
+def scan_git_subtree(ln_count, tree, path, strict):
     for p in path.strip('/').split('/'):
         tree = tree[p]
-    scan_git_tree(ln_count, tree)
+    scan_git_tree(ln_count, tree, strict)
 
 if __name__ == '__main__':
 
@@ -231,6 +249,7 @@ if __name__ == '__main__':
                     help='Maximum number of lines to scan in a file. Default 15')
     ap.add_argument('-v', '--verbose', action='store_true', help='Verbose statistics output')
     ap.add_argument('-H', '--histogram', action='store_true', help='Verbose histogram about SPDX header position')
+    ap.add_argument('-s', '--strict', action='store_true', help='Enable strict mode, making it complain about SPDX line position')
     args = ap.parse_args()
 
     # Sanity check path arguments
@@ -266,7 +285,7 @@ if __name__ == '__main__':
     try:
         if len(args.path) and args.path[0] == '-':
             stdin = os.fdopen(sys.stdin.fileno(), 'rb')
-            ln = parser.parse_lines(stdin, args.maxlines, '-')
+            ln = parser.parse_lines(stdin, args.maxlines, '-', args.strict)
             if ln >= 0:
                 ln_count[ln] += 1;
 
@@ -274,18 +293,18 @@ if __name__ == '__main__':
             if args.path:
                 for p in args.path:
                     if os.path.isfile(p):
-                        ln = parser.parse_lines(open(p, 'rb'), args.maxlines, p)
+                        ln = parser.parse_lines(open(p, 'rb'), args.maxlines, p, args.strict)
                         if ln >= 0:
                             ln_count[ln] += 1;
 
                     elif os.path.isdir(p):
-                        scan_git_subtree(ln_count, repo.head.reference.commit.tree, p)
+                        scan_git_subtree(ln_count, repo.head.reference.commit.tree, p, args.strict)
                     else:
                         sys.stderr.write('path %s does not exist\n' %p)
                         sys.exit(1)
             else:
                 # Full git tree scan
-                scan_git_tree(ln_count, repo.head.commit.tree)
+                scan_git_tree(ln_count, repo.head.commit.tree, args.strict)
 
             if args.verbose:
                 sys.stderr.write('\n')

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ