kconfig_lint: Fix checks when running in taint mode

The builders run perl scripts in taint mode, and some of the checks that the kconfig lint script were running were tainted, causing the script to terminate early when running on the servers. This checks to see if taint mode is enabled, and untaints the path if it is. All external tools (git & grep) must be in /bin, /usr/bin, or /usr/local/bin. This also removes the check for unused kconfig files if taint mode is enabled. Change-Id: I8d1e1c32275f759d085759fb5d8a6c85d4f99539 Signed-off-by: Martin Roth <martinroth@google.com> Reviewed-on: https://review.coreboot.org/13751 Reviewed-by: Patrick Georgi <pgeorgi@google.com> Tested-by: build bot (Jenkins)
2016-02-19 10:24:25 -07:00 · 2016-02-19 10:24:25 -07:00 · abf7d4d7e8
parent 22aa9e3fcc
commit abf7d4d7e8
1 changed files with 15 additions and 4 deletions
--- a/util/lint/kconfig_lint
+++ b/util/lint/kconfig_lint
@ -26,6 +26,12 @@ use File::Find;
 use Getopt::Long;
 use Getopt::Std;

+# If taint mode is enabled, Untaint the path - git and grep must be in /bin, /usr/bin or /usr/local/bin
+if ( ${^TAINT} ) {
+    $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
+    delete @ENV{ 'IFS', 'CDPATH', 'ENV', 'BASH_ENV' };
+}
+
 my $suppress_error_output   = 0;      # flag to prevent error text
 my $suppress_warning_output = 0;      # flag to prevent warning text
 my $show_note_output        = 0;      # flag to show minor notes text
@ -33,7 +39,7 @@ my $print_full_output       = 0;      # flag to print wholeconfig output
 my $output_file             = "-";    # filename of output - set stdout by default
 my $dont_use_git_grep       = 0;

-#globals
+# Globals
 my $top_dir        = ".";             # Directory where Kconfig is run
 my $root_dir       = "src";           # Directory of the top level Kconfig file
 my $errors_found   = 0;               # count of errors
@ -76,9 +82,6 @@ sub Main {
    #load the Kconfig tree, checking what we can and building up all the hash tables
    build_and_parse_kconfig_tree("$root_dir/Kconfig");

-    #run checks based on the data that was found
-    find( \&check_if_file_referenced, $root_dir );
-
    load_config($config_file) if ($config_file);

    check_defaults();
@ -91,6 +94,14 @@ sub Main {
    check_is_enabled();
    check_selected_symbols();

+    # Run checks based on the data that was found
+    if ( ( !$suppress_warning_output ) && ( ${^TAINT} == 0 ) ) {
+
+        # The find function is tainted - only run it if taint checking
+        # is disabled and warnings are enabled.
+        find( \&check_if_file_referenced, $root_dir );
+    }
+
    print_wholeconfig();

    if ($errors_found) {