From fb5a2209fc509ba32042654bcf36683c821223e0 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20Mart=C3=AD?= Date: Wed, 16 Oct 2013 22:50:07 +0200 Subject: [PATCH] Use python-magic, filemagic's official python binding lib --- docs/fdroid.texi | 2 +- fdroidserver/common.py | 81 ++++++++++++++++++++++-------------------- 2 files changed, 43 insertions(+), 40 deletions(-) diff --git a/docs/fdroid.texi b/docs/fdroid.texi index 564e233c..08931c3c 100644 --- a/docs/fdroid.texi +++ b/docs/fdroid.texi @@ -139,7 +139,7 @@ Paramiko (debian package python-paramiko) @item Imaging (debian package python-imaging) @item -Filemagic (pip install filemagic) +Magic (debian package python-magic) @end itemize diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 022b0a27..2afbc248 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -23,6 +23,7 @@ import subprocess import time import operator import cgi +import magic def getvcs(vcstype, remote, local, sdk_path): if vcstype == 'git': @@ -1588,48 +1589,50 @@ def scan_source(build_dir, root_dir, thisbuild): ignore = [p.strip() for p in thisbuild['scanignore'].split(';')] else: ignore = [] + + ms = magic.open(magic.MIME_TYPE) + ms.load() # Iterate through all files in the source code... - import magic - with magic.Magic(flags=magic.MAGIC_MIME_TYPE) as m: - for r,d,f in os.walk(build_dir): - for curfile in f: - - if '/.hg' in r or '/.git' in r or '/.svn' in r: - continue - - # Path (relative) to the file... - fp = os.path.join(r, curfile) - fd = fp[len(build_dir)+1:] - - # Check if this file has been explicitly excluded from scanning... - ignorethis = False - for i in ignore: - if fd.startswith(i): - ignorethis = True + for r,d,f in os.walk(build_dir): + for curfile in f: + + if '/.hg' in r or '/.git' in r or '/.svn' in r: + continue + + # Path (relative) to the file... + fp = os.path.join(r, curfile) + fd = fp[len(build_dir)+1:] + + # Check if this file has been explicitly excluded from scanning... + ignorethis = False + for i in ignore: + if fd.startswith(i): + ignorethis = True + break + if ignorethis: + continue + + for suspect in usual_suspects: + if suspect in curfile.lower(): + problems.append('Found probable non-free blob ' + fp) + + mime = ms.file(fp) + if mime == 'application/x-sharedlib': + problems.append('Found shared library at %s' % fd) + elif mime == 'application/x-archive': + problems.append('Found static library at %s' % fd) + elif mime == 'application/x-executable': + problems.append('Found binary executable at %s' % fd) + elif fp.endswith('.apk'): + problems.append('Found apk archive at %s' % fd) + + elif curfile.endswith('.java'): + for line in file(fp): + if 'DexClassLoader' in line: + problems.append('Found DexClassLoader in ' + fp) break - if ignorethis: - continue - - for suspect in usual_suspects: - if suspect in curfile.lower(): - problems.append('Found probable non-free blob ' + fp) - - mime = m.id_filename(fp) - if mime == 'application/x-sharedlib': - problems.append('Found shared library at %s' % fd) - elif mime == 'application/x-archive': - problems.append('Found static library at %s' % fd) - elif mime == 'application/x-executable': - problems.append('Found binary executable at %s' % fd) - elif fp.endswith('.apk'): - problems.append('Found apk archive at %s' % fd) - - elif curfile.endswith('.java'): - for line in file(fp): - if 'DexClassLoader' in line: - problems.append('Found DexClassLoader in ' + fp) - break + ms.close() # Presence of a jni directory without buildjni=yes might # indicate a problem... (if it's not a problem, explicitly use -- 2.30.2