diff options
author | Edward Welbourne <edward.welbourne@qt.io> | 2017-09-28 17:49:20 +0200 |
---|---|---|
committer | Edward Welbourne <edward.welbourne@qt.io> | 2017-10-13 14:01:39 +0000 |
commit | c96847a756798a3fa2d0a4c1395008676f00cfb0 (patch) | |
tree | d100765ed1c3bcec937117cbc42bcedb97db5950 | |
parent | 21574ed0092c596d46bd4639262c1918ea28af6c (diff) |
Change the permission-check to use a short whitelist
Rather than adding .txt and .ttf (recently witnessed) to the list of
suffixes on files that shouldn't be executable, rearrange the test to
actively recognize files that should be executable, complaining if any
others are executable. In the process, remove .pm from the executable
script list; #!/usr/bin/perl doesn't make sense in a .pm, only in .pl
Change-Id: I9b0de48443d04f930677ae8f64959ed26343fa35
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
-rwxr-xr-x | git-hooks/sanitize-commit | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/git-hooks/sanitize-commit b/git-hooks/sanitize-commit index b3e8031..6c042f0 100755 --- a/git-hooks/sanitize-commit +++ b/git-hooks/sanitize-commit @@ -820,13 +820,13 @@ while (<DIFF>) { # set*id; git discards it - but asking for it is misguided. complain("Adding file with set*id permissions", "permissions", 1); } elsif ($perm & 0111) { - if ($qmake || ($clike && $file !~ /\.pl$/) || $file =~ /\.(ps|pdf|png|qdoc(cconf)?|json)$/) { + if ($file =~ /\.(py|pl|sh|bash|php|cgi|js)$/ + # i.e. known script suffix; or no suffix at all: + || $file !~ m,[^/.]\.[^/.]+$,) { + $need_hash_bang = 1; + } elsif ($file !~ /\.(exe|bat|cmd|ps1)$/) { # Should not be executable. complain("Adding implausibly executable file", "permissions"); - } elsif ($file =~ /\.(py|pm|pl|sh|bash|php)$/ - # i.e. known script suffix; or no suffix at all: - || $file !~ m,[^/.]\.[^/.]+$,) { - $need_hash_bang = 1; } } } |