fbfbdb8e12
We now build a docker base container based on debian sid (where the very latest packages are available). That base container is updated once a month, or whenever travis-build.Dockerfile or debian/control change, but re-used for subsequent travis runs. While the initial build might take up to 15 minutes, subsequent builds typically run in a minute or two. All the different steps that we run on travis are now factored into separate scripts in the travis/ directory. Switching to docker should also help with issue #2174.
20 lines
607 B
Bash
Executable File
20 lines
607 B
Bash
Executable File
#!/bin/sh
|
|
funcs='malloc|calloc|realloc|strdup|strndup|asprintf|write'
|
|
cstring='"([^"\\]|\\.)*"'
|
|
cchar="'[^\\\\]'|'\\\\.[^']*'"
|
|
regex="^([^'\"]|${cstring}|${cchar})*\<(${funcs})\>"
|
|
detected=0
|
|
while IFS= read -r file; do
|
|
if { cpp -w -fpreprocessed "$file" || exit "$?"; } | grep -E -- "$regex"; then
|
|
echo "^ $file calls a function that has a safe counterpart."
|
|
detected=1
|
|
fi
|
|
done << EOF
|
|
$(find -name '*.c' -not -name safewrappers.c -not -name strndup.c)
|
|
EOF
|
|
if [ "$detected" -ne 0 ]; then
|
|
echo
|
|
echo "Calls of functions that have safe counterparts were detected."
|
|
exit 1
|
|
fi
|