Package: debhelper Version: 12.1.1 Severity: minor Dear Maintainer,
while debugging #931985 I notized the output of the file invocation in
dh_shlibdeps (both places) detects ELF binaries by checking for "ELF"
anywhere in the output ("$ff =~ m/ELF/").
While debhelper isn't prone against malicious packaging in many more
places, I'm a bit concerned this might trigger a mis-detection by
accident when the file program, while printing some bytes found in the
examined file, shows that letter sequence.
So I'd like to suggest using the --brief option of file and check for
/^ELF/
Regards,
Christoph
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.58 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect
Versions of packages debhelper depends on:
ii autotools-dev 20180224.1
ii dh-autoreconf 19
ii dh-strip-nondeterminism 1.2.0-2
ii dpkg 1.19.7
ii dpkg-dev 1.19.7
ii dwz 0.12.20190711-1
ii file 1:5.37-1
ii libdpkg-perl 1.19.7
ii man-db 2.8.5-2
ii perl 5.28.1-6
ii po-debconf 1.0.21
debhelper recommends no packages.
Versions of packages debhelper suggests:
ii dh-make 2.201802
-- no debconf information
signature.asc
Description: PGP signature
