static gboolean as_app_validate_license (const gchar *license_text, GError **error) { guint i; g_auto(GStrv) licenses = NULL; licenses = as_utils_spdx_license_tokenize (license_text); if (licenses == NULL) { g_set_error (error, AS_APP_ERROR, AS_APP_ERROR_FAILED, "SPDX license text '%s' could not be parsed", license_text); return FALSE; } for (i = 0; licenses[i] != NULL; i++) { if (g_strcmp0 (licenses[i], "&") == 0 || g_strcmp0 (licenses[i], "|") == 0 || g_strcmp0 (licenses[i], "+") == 0 || g_strcmp0 (licenses[i], "(") == 0 || g_strcmp0 (licenses[i], ")") == 0) continue; if (licenses[i][0] != '@' || !as_utils_is_spdx_license_id (licenses[i] + 1)) { g_set_error (error, AS_APP_ERROR, AS_APP_ERROR_FAILED, "SPDX ID '%s' unknown", licenses[i]); return FALSE; } } return TRUE; }
static gboolean as_app_validate_is_content_license (const gchar *license) { gboolean requires_all_tokens = TRUE; guint content_license_bad_cnt = 0; guint content_license_good_cnt = 0; g_auto(GStrv) tokens = NULL; tokens = as_utils_spdx_license_tokenize (license); if (tokens == NULL) return FALSE; /* this is too complicated to process */ for (guint i = 0; tokens[i] != NULL; i++) { if (g_strcmp0 (tokens[i], "(") == 0 || g_strcmp0 (tokens[i], ")") == 0) return FALSE; } /* this is a simple expression parser and can be easily tricked */ for (guint i = 0; tokens[i] != NULL; i++) { if (g_strcmp0 (tokens[i], "+") == 0) continue; if (g_strcmp0 (tokens[i], "|") == 0) { requires_all_tokens = FALSE; continue; } if (g_strcmp0 (tokens[i], "&") == 0) { requires_all_tokens = TRUE; continue; } if (as_app_validate_is_content_license_id (tokens[i])) { content_license_good_cnt++; } else { content_license_bad_cnt++; } } /* any valid token makes this valid */ if (!requires_all_tokens && content_license_good_cnt > 0) return TRUE; /* all tokens are required to be valid */ if (requires_all_tokens && content_license_bad_cnt == 0) return TRUE; /* either the license was bad, or it was too complex to process */ return FALSE; }
/** * as_app_validate_license: **/ static gboolean as_app_validate_license (const gchar *license_text, GError **error) { guint i; _cleanup_strv_free_ gchar **licenses = NULL; licenses = as_utils_spdx_license_tokenize (license_text); for (i = 0; licenses[i] != NULL; i++) { if (g_str_has_prefix (licenses[i], "#")) continue; if (!as_utils_is_spdx_license_id (licenses[i])) { g_set_error (error, AS_APP_ERROR, AS_APP_ERROR_FAILED, "SPDX ID '%s' unknown", licenses[i]); return FALSE; } } return TRUE; }