diff options
| author | Carl Dong <contact@carldong.me> | 2021-09-30 20:17:53 -0400 |
|---|---|---|
| committer | fanquake <fanquake@gmail.com> | 2021-10-12 08:28:25 +0800 |
| commit | 610a8a8e39c1d94839dfb7e1c66c01f13f946657 (patch) | |
| tree | ff3b8a1c645c70989b7dc8160c617906cb0baeaf /contrib/devtools/test-security-check.py | |
| parent | 1790a8ddacae0d52135f5020894ef1ceef625cf9 (diff) | |
test-*-check: Pass in *FLAGS and compile with them
These test-*-check scripts should compile "test" binaries in a way that
is as close to what autotools would do, since the goal is to make sure
that if we run the *-check script, they can correctly detect flaws in
binaries which are compiled by our autotools-based system.
Therefore, we should emulate what happens when the binary is linked in
autotools, meaning that for C binaries, we need to supply the CFLAGS,
CPPFLAGS, and LDFLAGS flags in that order.
Note to future developers: perhaps it'd be nice to have these
test-*-check scripts be part of configure.ac to avoid having to manually
replicate autoconf-like behaviour every time we find a discrepancy. Of
course, that would also mean you'd have to write more m4...
Diffstat (limited to 'contrib/devtools/test-security-check.py')
| -rwxr-xr-x | contrib/devtools/test-security-check.py | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/contrib/devtools/test-security-check.py b/contrib/devtools/test-security-check.py index 14058e2cc8..0af7cdf5e6 100755 --- a/contrib/devtools/test-security-check.py +++ b/contrib/devtools/test-security-check.py @@ -7,6 +7,7 @@ Test script for security-check.py ''' import os import subprocess +from typing import List import unittest from utils import determine_wellknown_cmd @@ -27,7 +28,16 @@ def clean_files(source, executable): os.remove(executable) def call_security_check(cc, source, executable, options): - subprocess.run([*cc,source,'-o',executable] + options, check=True) + # This should behave the same as AC_TRY_LINK, so arrange well-known flags + # in the same order as autoconf would. + # + # See the definitions for ac_link in autoconf's lib/autoconf/c.m4 file for + # reference. + env_flags: List[str] = [] + for var in ['CFLAGS', 'CPPFLAGS', 'LDFLAGS']: + env_flags += filter(None, os.environ.get(var, '').split(' ')) + + subprocess.run([*cc,source,'-o',executable] + env_flags + options, check=True) p = subprocess.run(['./contrib/devtools/security-check.py',executable], stdout=subprocess.PIPE, universal_newlines=True) return (p.returncode, p.stdout.rstrip()) |