Update annocheck policy
The mem-overflow test depends on -O1. This is less-secure, but that's OK because it's just a test. I'm not sure exactly what is wrong with the second test: various security checks are failing, likely related to the strange way this test binary is constructed via objcopy. My main concern was to ensure that nothing is generally wrong with GResource, but that seems to be OK. Since the issues are isolated to this test, and it's just a test, I think we can safely ignore them.
This commit is contained in:
Michael Catanzaro
parent
0cc9bd161e
commit
3a4fac44e5
|
|
@ -1,9 +1,14 @@
|
|||
---
|
||||
annocheck:
|
||||
ignore:
|
||||
- /usr/libexec/installed-tests/glib/mem-overflow
|
||||
- /usr/libexec/installed-tests/glib/resources
|
||||
elf:
|
||||
ignore:
|
||||
- /usr/libexec/installed-tests/glib/resources
|
||||
inspections:
|
||||
badfuncs: off # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2097
|
||||
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2097
|
||||
badfuncs: off
|
||||
runpath:
|
||||
allowed_paths:
|
||||
- /usr/libexec/installed-tests/glib
|
||||
|
|
|
|||
Loading…
Reference in New Issue