# # # --- ebuild.sh.orig 2004-03-22 19:00:49.000000000 -0700 +++ ebuild.sh 2004-03-30 14:10:07.701459930 -0700 @@ -675,6 +675,63 @@ exit 1 } +src_pre_compile() { + [ -z "${FEATURE_AUDIT_LOGPATH}" ] && export FEATURE_AUDIT_LOGPATH="${T}/audit_data" + addwrite ${FEATURE_AUDIT_LOGPATH} + for audit in flawfinder rats; do + if [ "$PWD" = "${S}" -a "`has ${audit} ${FEATURES}`" != "" -a -x /usr/bin/${audit} ]; then + flaws="" + case "${audit}" in + flawfinder) + s_files="`find ${S} -name '*.c' -o -name '*.cpp'`" + [ -z "${FEATURE_FLAWFINDER_MINLEVEL}" ] && export FEATURE_FLAWFINDER_MINLEVEL=5 + ;; + rats) + s_files="`find ${S} -name '*.c' -o -name '*.cpp' -o -name '*.php' -o -name '*.pl'`" + [ -z "${FEATURE_RATS_WARNLEVEL}" ] && export FEATURE_RATS_WARNLEVEL=1 + ;; + *) + return 1 + esac + if [ -n "$s_files" ]; then + s_count=`echo ${s_files} | tr ' ' '\n' | wc -l | awk '{print $1}'` + einfo "Running ${audit} on [$s_count] files" + flaws="" + [ "${audit}" == "flawfinder" ] && + flaws=$(flawfinder --quiet --dataonly --minlevel=${FEATURE_FLAWFINDER_MINLEVEL} ${s_files}) + + [ "${audit}" == "rats" ] && + flaws=$(/usr/bin/rats --quiet --resultsonly --warning ${FEATURE_RATS_WARNLEVEL} ${s_files}) + + if [ -n "$flaws" ]; then + line="------------------------------------------------------------------------" + i=5;echo;while [ $i != 0 ]; do echo -ne ".\a" ; sleep 0.25 ; i=$(($i - 1)) ; done ;echo + echo ${line} + ewarn "${audit} report for ${PN} on $(date -u)" + echo ${line} ; echo -e "${flaws}" ; echo ${line} + i=5;echo;while [ $i != 0 ]; do echo -ne ".\a" ; sleep 0.25 ; i=$(($i - 1)) ; done ;echo + if [ -d "${FEATURE_AUDIT_LOGPATH}" ]; then + af1="${FEATURE_AUDIT_LOGPATH}/${PN}-${PV}_${audit}" + af2="${FEATURE_AUDIT_LOGPATH}/${audit}.log" + > $af1 + for a in $af1 $af2 ; do + einfo "Saving audit data to $a" + echo ${line} >> ${a} + echo " * ${audit} report for ${PN} on $(date -u)" >> ${a} + echo ${line} >> ${a} + echo -e "${flaws}" >> ${a} + echo ${line} >> ${a} + sync + done + fi + has interactive ${FEATURES} && + read -p "- Press Enter To Continue or CTRL+C to abort" + fi + fi + fi + done +} + dyn_compile() { trap "abort_compile" SIGINT SIGQUIT [ "${CFLAGS-unset}" != "unset" ] && export CFLAGS @@ -727,6 +783,7 @@ #some packages use an alternative to $S to build in, cause #our libtool to create problematic .la files export PWORKDIR="$WORKDIR" + src_pre_compile src_compile #|| abort_compile "fail" cd "${BUILDDIR}"