Add ability to supress scanner for specific files

2024-10-03 17:50:11 +02:00 · 2013-03-20 09:46:30 +00:00 · 2013-03-20 09:46:30 +00:00 · 9a72cb7209
commit 9a72cb7209
parent 8c195c637a
2 changed files with 28 additions and 5 deletions
--- a/docs/fdroid.texi
+++ b/docs/fdroid.texi
@ -754,6 +754,14 @@ If the native code is being built by other means, you can specify
 not required, remove the directory instead (using @code{prebuild} for
 example).

+@item scanignore=path1;path2;...
+Enables one or more files/paths to be exlcuded from the scan process.
+This should only be used where there is a very good reason, and
+probably accompanied by a comment explaining why it is necessary.
+
+When scanning, files whose relative paths start with any of the paths
+given here are ignored.
+
@item submodules=yes
 Use if the project (git only) has submodules - causes git submodule
 init and update to be executed after the source is cloned.
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -1991,6 +1991,11 @@ def scan_source(build_dir, root_dir, thisbuild):
                      'heyzap',
                      'jpct-ae']

+    if 'scanignore' in thisbuild:
+        ignore = thisbuild['scanignore'].split(';')
+    else:
+        ignore = []
+
    # Iterate through all files in the source code...
    for r,d,f in os.walk(build_dir):
        for curfile in f:
@ -2001,6 +2006,15 @@ def scan_source(build_dir, root_dir, thisbuild):
            # Path (relative) to the file...
            fp = os.path.join(r, curfile)

+            # Check if this file has been explicitly excluded from scanning...
+            ignorethis = False
+            for i in ignore:
+                if fp.startswith(i):
+                    ignorethis = True
+                    break
+            if ignorethis:
+                continue
+
            for suspect in usual_suspects:
                if suspect in curfile.lower():
                    msg = 'Found probable non-free blob ' + fp
@ -2010,12 +2024,13 @@ def scan_source(build_dir, root_dir, thisbuild):
                msg = 'Found apk file, which should not be in the source - ' + fp
                problems.append(msg)

+            elif curfile.endswith('.elf'):
+                msg = 'Found .elf at ' + fp
+                problems.append(msg)
+
            elif curfile.endswith('.so'):
-                if '/jni' in r:
-                    print 'Warning: Found ELF at ' + fp
-                else:
-                    msg = 'Found ELF at ' + fp
-                    problems.append(msg)
+                msg = 'Found .so at ' + fp
+                problems.append(msg)

            elif curfile.endswith('.java'):
                for line in file(fp):