// Iterate over all elements
while (runpath) {
- DEBUG(file->pakfire, "Checking RUNPATH %s\n", runpath);
+ ERROR(file->pakfire, "Checking RUNPATH %s\n", runpath);
// We do not allow any relative RUNPATHs
- if (pakfire_path_match(runpath, "**/../**")) {
- file->issues |= PAKFIRE_FILE_HAS_RUNPATH;
- break;
- }
-
- /*
- We allow some RUNPATHs where some software is loading some
- modules as shared objects from a private directory in /usr/lib64.
- */
- if (!pakfire_path_match(runpath, "/usr/lib64")
- && !pakfire_path_match(runpath, "/usr/lib64/**")) {
- file->issues |= PAKFIRE_FILE_HAS_RUNPATH;
- break;
- }
+ if (pakfire_path_match(runpath, "**/../**"))
+ goto RUNPATH_DENIED;
+
+ // We allow /usr/lib64 as libtool seems to link it in quite a lot
+ if (pakfire_path_match("/usr/lib64", runpath))
+ goto RUNPATH_PERMITTED;
+
+ // We allow any subdirectories of /usr/lib64
+ if (pakfire_path_match( "/usr/lib64/**", runpath))
+ goto RUNPATH_PERMITTED;
+
+RUNPATH_DENIED:
+ // If we make it here, this check has failed
+ file->issues |= PAKFIRE_FILE_HAS_RUNPATH;
+ break;
+RUNPATH_PERMITTED:
// Move on to the next RUNPATH
runpath = strtok_r(NULL, ":", &p);
}
projects / pakfire.git / commitdiff
