Bug 1024517 - perl.req returns wrong set of required modules due parsing bug
Summary: perl.req returns wrong set of required modules due parsing bug
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: rpm
Version: 6.4
Hardware: x86_64
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Packaging Maintenance Team
QA Contact: Marek Marusic
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-10-29 20:19 UTC by jernej.porenta
Modified: 2015-07-22 07:02 UTC (History)
7 users (show)

Fixed In Version: rpm-4.8.0-40.el6
Doc Type: Bug Fix
Doc Text:
If a Perl script in a package contained a string declared as a here-document that included the "use" or "require" words, or a multiline string with these words, the package in some cases had incorrect dependencies when it was created using the "rpmbuild" command. Now, the "use" and "require" strings are ignored as keywords in here-documents and multiline strings, which prevents the problem from occurring.
Clone Of:
: 1191121 (view as bug list)
Environment:
Last Closed: 2015-07-22 07:02:58 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:1452 0 normal SHIPPED_LIVE rpm bug fix and enhancement update 2015-07-20 18:43:47 UTC

Description jernej.porenta 2013-10-29 20:19:49 UTC 
Description of problem:
/usr/lib/rpm/perl.req returns wrong set of required modules for rpm-build spec files, since it has a parsing bug when a comment in perl module starts with "use something etc" (perl.req returns depencency on perl(something).

Version-Release number of selected component (if applicable):
rpm-build-4.8.0-32.el6.x86_64

How reproducible:
- the bug is reproducable with certain version of some SpamAssassin module, which was later fixed to prevent such bugs with rpm-builds perl.req scripts


Steps to Reproduce:
1. curl -o /tmp/DependencyInfo.pm "http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Util/DependencyInfo.pm?revision=1531991&view=co"
2. /usr/lib/rpm/perl.req /tmp/DependencyInfo.pm

Actual results:
perl(bytes)
perl(re)
perl(strict)
perl(these)
perl(vars)
perl(warnings)

Expected results:
perl(bytes)
perl(re)
perl(strict)
perl(vars)
perl(warnings)

Additional info:
The script is parsing also through comments section of perl module, so it wrongly parses out comments starting with "use XXXX asdfasd" in the beginning of the line.
Comment 2 Dusty Mabe 2014-08-22 14:50:19 UTC 
Moving to rpm component as the rpm-build package is a subpackage of rpm. 

This looks like a dup of 1026750. Can someone else confirm and mark it as such?
Comment 4 Florian Festi 2014-12-15 12:27:53 UTC 
Patch available upstream.
Comment 5 Dusty Mabe 2014-12-15 14:11:16 UTC 
(In reply to Florian Festi from comment #4)
> Patch available upstream.

That's great news. Do you have a link to the patch?

Thanks
Comment 6 Ľuboš Kardoš 2014-12-15 14:41:55 UTC 
http://rpm.org/gitweb?p=rpm.git;a=commit;h=4c621e97776a47c2b4e7f17c1cd2a7961453babf
Comment 7 Karel Srot 2015-01-06 13:48:23 UTC 
Hi Florian,
could you please tell me how is this different from the bug 1026750? I can see that patches are different, the description seems similar though.
Comment 8 Karel Srot 2015-01-06 13:49:20 UTC 
(In reply to Karel Srot from comment #7)
> Hi Florian,
> could you please tell me how is this different from the bug 1026750? I can
> see that patches are different, the description seems similar though.

Please ignore.
Comment 13 errata-xmlrpc 2015-07-22 07:02:58 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1452.html
Note You need to log in before you can comment on or make changes to this bug.