Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15441087
D9187.id.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Referenced Files
None
Subscribers
None
D9187.id.diff
View Options
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -32,6 +32,7 @@
'ArcanistCSharpLinter' => 'lint/linter/ArcanistCSharpLinter.php',
'ArcanistCallConduitWorkflow' => 'workflow/ArcanistCallConduitWorkflow.php',
'ArcanistCapabilityNotSupportedException' => 'workflow/exception/ArcanistCapabilityNotSupportedException.php',
+ 'ArcanistChmodLinter' => 'lint/linter/ArcanistChmodLinter.php',
'ArcanistChooseInvalidRevisionException' => 'exception/ArcanistChooseInvalidRevisionException.php',
'ArcanistChooseNoRevisionsException' => 'exception/ArcanistChooseNoRevisionsException.php',
'ArcanistCloseRevisionWorkflow' => 'workflow/ArcanistCloseRevisionWorkflow.php',
@@ -222,6 +223,7 @@
'ArcanistCSharpLinter' => 'ArcanistLinter',
'ArcanistCallConduitWorkflow' => 'ArcanistBaseWorkflow',
'ArcanistCapabilityNotSupportedException' => 'Exception',
+ 'ArcanistChmodLinter' => 'ArcanistLinter',
'ArcanistChooseInvalidRevisionException' => 'Exception',
'ArcanistChooseNoRevisionsException' => 'Exception',
'ArcanistCloseRevisionWorkflow' => 'ArcanistBaseWorkflow',
diff --git a/src/lint/linter/ArcanistChmodLinter.php b/src/lint/linter/ArcanistChmodLinter.php
new file mode 100644
--- /dev/null
+++ b/src/lint/linter/ArcanistChmodLinter.php
@@ -0,0 +1,80 @@
+<?php
+
+/**
+ * Ensures that files are not executable unless they are either binary or
+ * contain a shebang.
+ */
+final class ArcanistChmodLinter extends ArcanistLinter {
+
+ const LINT_INVALID_EXECUTABLE = 1;
+
+ public function getInfoName() {
+ return 'Chmod';
+ }
+
+ public function getInfoDescription() {
+ return pht(
+ 'Checks the permissions on files and ensures that they are not made to '.
+ 'be executable unnecessarily. In particular, a file should not be '.
+ 'executable unless it is either binary or contain a shebang.');
+ }
+
+ public function getLinterName() {
+ return 'CHMOD';
+ }
+
+ public function getLinterConfigurationName() {
+ return 'chmod';
+ }
+
+ public function shouldLintBinaryFiles() {
+ return true;
+ }
+
+ public function getLintNameMap() {
+ return array(
+ self::LINT_INVALID_EXECUTABLE => pht('Invalid Executable'),
+ );
+ }
+
+ public function getLintSeverityMap() {
+ return array(
+ self::LINT_INVALID_EXECUTABLE => ArcanistLintSeverity::SEVERITY_WARNING,
+ );
+ }
+
+ public function lintPath($path) {
+ if (is_executable($path)) {
+ if ($this->getEngine()->isBinaryFile($path)) {
+ // Path is a binary file, which makes it a valid executable.
+ return;
+ } else if ($this->getShebang($path)) {
+ // Path contains a shebang, which makes it a valid executable.
+ return;
+ } else {
+ $this->raiseLintAtPath(
+ self::LINT_INVALID_EXECUTABLE,
+ pht(
+ 'Executable files should either be binary or contain a shebang.'));
+ }
+ }
+ }
+
+ /**
+ * Returns the path's shebang.
+ *
+ * @param string
+ * @return string|null
+ */
+ private function getShebang($path) {
+ $line = head(phutil_split_lines($this->getEngine()->loadData($path), true));
+
+ $matches = array();
+ if (preg_match('/^#!(.*)$/', $line, $matches)) {
+ return $matches[1];
+ } else {
+ return null;
+ }
+ }
+
+}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Mar 27, 4:17 PM (1 w, 2 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7681287
Default Alt Text
D9187.id.diff (3 KB)
Attached To
Mode
D9187: Add an `ArcanistChmodLinter`.
Attached
Detach File
Event Timeline
Log In to Comment