| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 19 Sep 2020 20:12:50 +0200 (CEST)
From: Lukas Bulwahn <lukas.bulwahn@...il.com>
To: Joe Perches <joe@...ches.com>
cc: Dwaipayan Ray <dwaipayanray1@...il.com>, lukas.bulwahn@...il.com,
linux-kernel-mentees@...ts.linuxfoundation.org, apw@...onical.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] checkpatch: extend author Signed-off-by check for split
From: header
On Sat, 19 Sep 2020, Joe Perches wrote:
> On Sat, 2020-09-19 at 13:42 +0530, Dwaipayan Ray wrote:
> > Checkpatch did not handle cases where the author From: header
> > was split into two lines. The author string went empty and
> > checkpatch generated a false NO_AUTHOR_SIGN_OFF warning.
>
> It's good to provide an example where the current code
> doesn't work.
>
Joe, as this is a linux-kernel-mentees patch, we discussed that before
reaching out to you; you can find Dwaipayan's own evaluation here:
https://lore.kernel.org/linux-kernel-mentees/CABJPP5BOTG0QLFSaRJTb2vAZ_hJf229OAQihHKG4sYd35i_WMw@mail.gmail.com/
Dwaipayan, Joe's comment is still valid; it would be good to describe
the reasons why patches might have split lines (as far as see, long
encodings for non-ascii names).
I will run my own evaluation of checkpatch.pl before and after patch
application on Monday and then check if I can confirm Dwaipayan's results.
> It likely would be better to do this by searching forward for
> any extension lines after a "^From:' rather than searching
> backwards as there can be any number of extension lines.
>
Just to sure what you are talking about...
You mean just to access the next line through the lines array, rather
than using prevheader and trying to decode that one line twice.
I agree the logic is a bit redundant and complicated at the moment.
Once prevheader is non-empty, it already clear that author is '' and
prevheader decodes with that match, because that is the only way to
make prevheader non-empty in the first place; at least as far I see it
right now.
Lukas
> > Support split From: headers in AUTHOR_SIGN_OFF check by adding
> > an additional clause to resolve author identity in such cases.
> >
> > Signed-off-by: Dwaipayan Ray <dwaipayanray1@...il.com>
> > ---
> > scripts/checkpatch.pl | 28 ++++++++++++++++++++++++----
> > 1 file changed, 24 insertions(+), 4 deletions(-)
> >
> > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> > index 504d2e431c60..86975baead22 100755
> > --- a/scripts/checkpatch.pl
> > +++ b/scripts/checkpatch.pl
> > @@ -1210,6 +1210,16 @@ sub reformat_email {
> > return format_email($email_name, $email_address);
> > }
> >
> > +sub format_author_email {
> > + my ($email, $from) = @_;
> > +
> > + $email = encode("utf8", $email) if ($from =~ /=\?utf-8\?/i);
> > + $email =~ s/"//g;
> > + $email = reformat_email($email);
> > +
> > + return $email;
> > +}
> > +
> > sub same_email_addresses {
> > my ($email1, $email2) = @_;
> >
> > @@ -2347,6 +2357,7 @@ sub process {
> > my $signoff = 0;
> > my $author = '';
> > my $authorsignoff = 0;
> > + my $prevheader = '';
> > my $is_patch = 0;
> > my $is_binding_patch = -1;
> > my $in_header_lines = $file ? 0 : 1;
> > @@ -2658,12 +2669,21 @@ sub process {
> > }
> > }
> >
> > +# Check the patch for a split From:
> > + if($prevheader ne '') {
> > + if ($author eq '' && decode("MIME-Header", $prevheader) =~ /^From:\s*(.*)/) {
> > + my $email = $1.$line;
> > + $author = format_author_email($email, $prevheader);
> > + }
> > + $prevheader = '';
> > + }
> > +
> > # Check the patch for a From:
> > if (decode("MIME-Header", $line) =~ /^From:\s*(.*)/) {
> > - $author = $1;
> > - $author = encode("utf8", $author) if ($line =~ /=\?utf-8\?/i);
> > - $author =~ s/"//g;
> > - $author = reformat_email($author);
> > + $author = format_author_email($1, $line);
> > + if($author eq '') {
> > + $prevheader = $line;
> > + }
> > }
> >
> > # Check the patch for a signoff:
>
>
Powered by blists - more mailing lists