Re: confused by rpminspect automated test

Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> · Mon, 9 Mar 2020 14:54:27 +0000

On Mon, Mar 09, 2020 at 10:12:26AM -0400, David Cantrell wrote:
> In this case, the blacklisted functions are listed in
> /etc/rpminspect/rpminspect.conf as the value of the elf_ipv6_blacklist.  That
> looks like this in rpminspect-data-fedora:
> 
>     elf_ipv6_blacklist = "gethostbyname gethostbyname2 gethostbyaddr inet_addr
>     inet_aton inet_nsap_addr inet_ntoa inet_nsap_ntoa inet_makeaddr inet_netof
>     inet_network inet_neta inet_net_ntop inet_net_pton rcmd rexec rresvport"

Thanks. I'd suggest to be very specific in the report, and always including
the name of the offending function. Something like
"message: /usr/lib/systemd/tests/test-dhcp-client uses function inet_addr() which
is unsuitable for IPv6".

So it seems rpminspect doesn't like the following code:
src/network/test-network.c:63:                assert_se(routes[0].dst_addr.s_addr == inet_addr("192.168.0.0"));
src/network/test-network.c:64:                assert_se(routes[0].gw_addr.s_addr == inet_addr("192.168.0.1"));
src/network/test-network.c:67:                assert_se(routes[1].dst_addr.s_addr == inet_addr("10.1.2.0"));
src/network/test-network.c:68:                assert_se(routes[1].gw_addr.s_addr == inet_addr("10.1.2.1"));
src/network/test-network.c:71:                assert_se(routes[2].dst_addr.s_addr == inet_addr("0.0.0.0"));
src/network/test-network.c:72:                assert_se(routes[2].gw_addr.s_addr == inet_addr("10.0.1.1"));
src/network/test-network.c:84:                assert_se(routes[0].dst_addr.s_addr == inet_addr("192.168.0.0"));
src/network/test-network.c:85:                assert_se(routes[0].gw_addr.s_addr == inet_addr("192.168.0.1"));
src/network/test-network.c:88:                assert_se(routes[1].dst_addr.s_addr == inet_addr("0.0.0.0"));
src/network/test-network.c:89:                assert_se(routes[1].gw_addr.s_addr == inet_addr("10.0.1.1"));
src/resolve/test-dnssec.c:327:        a->a.in_addr.s_addr = inet_addr("52.0.14.116");
src/resolve/test-resolved-etc-hosts.c:81:        assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.4")));
src/resolve/test-resolved-etc-hosts.c:82:        assert_se(address_equal_4(bn->addresses[1], inet_addr("1.2.3.5")));
src/resolve/test-resolved-etc-hosts.c:88:        assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.6")));
src/resolve/test-resolved-etc-hosts.c:93:        assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.6")));
src/resolve/test-resolved-etc-hosts.c:102:        assert_se(address_equal_4(bn->addresses[0], inet_addr("1.2.3.9")));
src/resolve/test-resolved-etc-hosts.c:103:        assert_se(address_equal_4(bn->addresses[1], inet_addr("1.2.3.10")));
src/resolve/test-resolved-etc-hosts.c:104:        assert_se(address_equal_4(bn->addresses[2], inet_addr("1.2.3.11")));
src/resolve/test-resolved-etc-hosts.c:105:        assert_se(address_equal_4(bn->addresses[3], inet_addr("1.2.3.12")));

The code is OK as is, it's just doing resolution of fixed addresses for testing purposes.
RFE: filter out reports for anything with "test" in the name.
That'd cut down on various false positives a lot.

> /etc/rpminspect/rpminspect.conf

So that is a global config file...
RFE: move it under /usr, and only look for overrides in /etc.
99% of users should not modify that, and it shouldn't be in /etc.

I certainly don't want to modify global rpminspect config. How do
I silence those results just for the systemd package?

Zbyszek
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx