2 Author: Christian Schwarz <schwarz@debian.org>
6 Needs-Info: objdump-info, file-info, strings
7 Info: This script checks binaries and object files for bugs.
9 Tag: arch-independent-package-contains-binary-or-object
12 Info: The package contains a binary or object file but is tagged
15 If this package contains binaries or objects for cross-compiling or
16 binary blobs for other purposes independent of the host architecture
17 (such as BIOS updates or firmware), please add a Maemian override.
19 Tag: unstripped-binary-or-object
22 Ref: policy 10.1, policy 10.2
23 Info: The package installs an unstripped binary or object file.
25 Please note, that shared libraries have to be stripped with the
26 <tt>--strip-unneeded</tt> option.
28 Tag: library-in-debug-or-profile-should-not-be-stripped
31 Info: Libraries in <tt>.../lib/debug</tt> or in
32 <tt>.../lib/profile</tt> usually should not be stripped.
34 Tag: statically-linked-binary
37 Info: The package installs a statically linked binary or object file.
39 Usually this is a bug. Otherwise, please install an override if your package
40 is an exception. Note that binaries named *-static and *.static are already
41 excluded, just as any binaries in packages named *-static.
43 Tag: library-not-linked-against-libc
46 Info: The package installs a library which is not dynamically linked
49 Tag: program-not-linked-against-libc
52 Info: The package installs a binary which is not dynamically linked
55 Tag: binary-or-shlib-defines-rpath
58 Ref: http://wiki.debian.org/RpathIssue
59 Info: The binary or shared library sets RPATH. This overrides the normal
60 library search path, possibly interfering with local policy and causing
61 problems for multilib, among other issues.
63 The only time a binary or shared library in a Debian package should set
64 RPATH is if it is linked to private shared libraries in the same package.
65 In that case, place those private shared libraries in
66 <tt>/usr/lib/<i>package</i></tt>. Libraries used by binaries in other
67 packages should be placed in <tt>/lib</tt> or <tt>/usr/lib</tt> as
68 appropriate, with a proper SONAME, in which case RPATH is unnecessary.
70 To fix this problem, look for link lines like:
71 gcc test.o -o test -Wl,--rpath,/usr/local/lib
73 gcc test.o -o test -R/usr/local/lib
74 and remove the <tt>-Wl,--rpath</tt> or <tt>-R</tt> argument. You can also
75 use the chrpath utility to remove the RPATH.
77 Tag: binary-has-unneeded-section
80 Info: The binary or shared library is stripped, but still contains a
81 section that is not useful. You should call strip with
82 <tt>--remove-section=.comment --remove-section=.note</tt> to remove the
83 <tt>.note</tt> and <tt>.comment</tt> sections.
85 <tt>dh_strip</tt> will do this automatically for you, but
86 <tt>install -s</tt> not because it calls strip without any arguments.
88 Tag: missing-depends-line
91 Info: The package contains an ELF binary with dynamic dependencies,
92 but does not have a Depends line in its control file. This usually
93 means that a call to <tt>dpkg-shlibdeps</tt> is missing from the
94 package's <tt>debian/rules</tt> file.
96 Tag: shared-lib-without-dependency-information
99 Info: The listed shared library doesn't include information about which
100 other libraries the library was linked against. (When running "<tt>ldd
101 foo.so</tt>" ldd should report about these other libraries. In your
102 case, ldd just reports "statically linked".)
104 To fix this, you should explicitly specify the libraries which are
105 used (e.g., "-lc") when building the shared library with "ld".
107 If you have questions about this, please contact &debdev;.
109 Tag: arch-dependent-file-in-usr-share
112 Ref: fhs usrsharearchitectureindependentdata
113 Info: This package installs an ELF binary in the <tt>/usr/share</tt>
114 hierarchy, which is reserved for architecture-independent files.
119 Ref: fhs etchostspecificsystemconfiguration
120 Info: This package installs an ELF binary in <tt>/etc</tt>.
121 The Filesystem Hierarchy Standard forbids this.
123 Tag: binary-compiled-with-profiling-enabled
126 Info: While profiling is useful for testing and debugging purposes, enabling
127 it causes a program to leave gmon.out files whenever a user runs it.
129 Tag: binary-file-compressed-with-upx
132 Info: Debian does not allow binaries to be compressed by UPX.
134 Tag: package-name-doesnt-match-sonames
137 Info: The package name of a library package should usually reflect
138 the soname of the included library. The package name can determined
139 from the library file name with the following code snippet:
141 $ objdump -p /path/to/libfoo-bar.so.1.2.3 | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' | sed -e's/\([0-9]\)\.so\./\1-/; s/\.so\.//'
144 Tag: binary-with-bad-dynamic-table
147 Info: This appears to be an ELF file but objdump -T cannot parse it.
148 If it is external debugging symbols for another file, it should be
149 installed under /usr/lib/debug.
151 Tag: apparently-corrupted-elf-binary
154 Info: This appears to be an ELF file but objdump -T doesn't recognize it
155 as valid. This may be a mistake or a corrupted file, you may need to
156 install binutils-multiarch on the system running lintian so that
157 non-native binaries are handled correctly, or it may be a
158 misidentification of a file as ELF that actually isn't.
160 Tag: apparently-truncated-elf-binary
163 Info: This appears to be an ELF file, but objdump believes it is
164 truncated. This may be a mistake or a corrupted file, or it may be a
165 misidentification of a file as ELF that actually isn't.
167 Tag: missing-dependency-on-libc
171 Info: The listed file appears to be linked against the C library, but the
172 package doesn't depend on the C library package. Normally this indicates
173 that ${shlibs:Depends} was omitted from the Depends line for this package
174 in <tt>debian/control</tt>.
176 All shared libraries and compiled binaries must be run through
177 dpkg-shlibdeps to find out any libraries they are linked against (often
178 via the dh_shlibdeps debhelper command). The package containing these
179 files must then depend on ${shlibs:Depends} in <tt>debian/control</tt> to
180 get the proper package dependencies for those libraries.
182 Tag: missing-dependency-on-perlapi
185 Ref: perl-policy 4.4.2
186 Info: This package includes a *.so file in <tt>/usr/lib/perl5</tt>,
187 normally indicating that it includes a binary Perl module. Binary Perl
188 modules must depend on perlapi-$Config{version} (from the Config module).
189 If the package is using debhelper, this problem is usually due to a
190 missing dh_perl call in <tt>debian/rules</tt> or a missing
191 ${perl:Depends} substitution variable in the Depends line in
192 <tt>debian/control</tt>.
194 Tag: debug-file-should-use-detached-symbols
198 Info: This file is in a location generally used for detached debugging
199 symbols, but it appears to contain a complete copy of the executable or
200 library instead of only the debugging symbols. Files in subdirectories
201 of <tt>/usr/lib/debug</tt> mirroring the main file system should contain
202 only debugging information generated by <tt>objcopy
203 --only-keep-debug</tt>. Binaries or shared objects built with extra
204 debugging should be installed directly in <tt>/usr/lib/debug</tt> or in
205 subdirectories corresponding to the package, not in the directories that
206 mirror the main file system.
208 If you are using dh_strip with the --dbg-package flag, don't also install
209 the library in <tt>/usr/lib/debug</tt>. dh_strip does all the work for
212 Tag: binary-from-other-architecture
215 Info: This ELF binary appears to have been built for an architecture other
216 than the one of the binary package being tested. This may occur when a
217 pre-built binary is shipped in the package or when an attempt to
218 cross-compile didn't work.
220 Tag: spelling-error-in-binary
222 Certainty: wild-guess
224 Info: Maemian found a spelling error in the given binary. Maemian has a
225 list of common misspellings that it looks for. It does not have a
226 dictionary like a spelling checker does. For Maemian's convenience all
227 words are normalised to lower case.
229 If the string containing the spelling error is translated with the help
230 of gettext or a similar tool, please fix the error in the translations as
231 well as the English text to avoid making the translations fuzzy. With
232 gettext, for example, this means you should also fix the spelling mistake
233 in the corresponding msgids in the *.po files.
235 To find the original word you can run:
237 <tt>strings <binary> | grep -i <word></tt>
239 You can often find the word in the source code by running:
241 <tt>grep -r '\b<original-word>\b' <source-tree></tt>
246 Info: The given ELF object appears to have been statically linked to zlib.
247 Doing this is discouraged due to the extra work needed by the security team
248 to fix all the extra embedded copies or trigger the package rebuilds, as