Bug#865563: libcatmandu-sru-perl FTBFS: test failures

Fri, 23 Jun 2017 10:48:23 -0700 

On Fri, 23 Jun 2017 17:22:52 +0200, gregor herrmann wrote:

> > So what is not there anymore is PERL_USE_UNSAFE_INC=1.
> 
> Dom, I think you're our expert on dot-in-inc; do you think my hunch
> is correct that we need to add PERL_USE_UNSAFE_INC back?
> (And if yes, where would be the best place - in the $dot_in_inc_code,
> and if yes within the if(); or after $dot_in_inc_code is output in
> the second hunk of the above diff?

So this seems to work (as in: libcatmandu-sru-perl builds again, if I
change /usr/share/perl5/Module/Build/Base.pm in the chroot):

--- a/lib/Module/Build/Base.pm
+++ b/lib/Module/Build/Base.pm
@@ -1866,6 +1866,7 @@ BEGIN {
 $quoted_INC
     );
 $dot_in_inc_code
+\$ENV{"PERL_USE_UNSAFE_INC"} = 1;
 }

 close(*DATA) unless eof(*DATA); # ensure no open handles to this script


I didn't have any success when playing with the new $dot_in_inc_code
string, seems like the condition is never met. (And to be honest, I
don't understand the logic ...) [0]

So it looks like we really need PERL_USE_UNSAFE_INC, and we might
want to insert it unconditionally manually where we did prior to the
accidental removal in the last upload.


Cheers,
gregor

[0]
my $dot_in_inc_code = $INC[-1] eq '.' ? <<'END' : '';
    if ($INC[-1] ne '.') {
        push @INC, '.';
    }
END

What also works is reverting the logic:

--- /usr/share/perl5/Module/Build/Base.pm~      2017-06-19 17:25:18.000000000 
+0000
+++ /usr/share/perl5/Module/Build/Base.pm       2017-06-23 17:42:01.820466942 
+0000
@@ -1824,7 +1824,7 @@
   my $shebang = $self->_startperl;
   my $magic_number = $self->magic_number;
 
-my $dot_in_inc_code = $INC[-1] eq '.' ? <<'END' : '';
+my $dot_in_inc_code = $INC[-1] ne '.' ? <<'END' : '';
     if ($INC[-1] ne '.') {
         push @INC, '.';
     }


Then PERL_USE_UNSAFE_INC is not needed. But testing $INC[-1] ne '.'
two times make as little sense to me as first testing eq '.' and then ne '.'
...

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Diana Krall: Love Me Like A Man

Attachment: signature.asc
Description: Digital Signature

Reply via email to