conda / conda-build

Commands and tools for building conda packages
https://docs.conda.io/projects/conda-build/

Fix a bug in logical equality operation #4967

Closed munahaf closed 4 weeks ago

munahaf commented 1 year ago

What happened?

In file: post.py inside the conda_build directory, method: check_overlinking_impl, in line 1356 a logical equality check operation was performed. The operands are such that the comparison operation always returns true. This is because one of the operands is a list and the other is a string ([package] != "non-library").

Such logical short circuits in code lead to unintended behavior. I suggested that the logical operation should be reviewed for correctness. I could not create a fix because I am not familiar with the business logic.

Sponsorship and Support:

This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF): Project Alpha-Omega. Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code – and get them fixed – to improve global software supply chain security.

The bug is found by running the Intelligent Code Repair (iCR) tool by OpenRefactory and then manually triaging the results.

Conda Info

conda is not installed.

Conda Config

conda is not installed.

Conda list

conda is not installed.

Additional Context

No response
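Added example, not code from conda-build or from the reporter: it reproduces the list-versus-string comparison described above, shows the form the check was presumably meant to take (an assumption, since the report proposes no fix), and runs a small `ast`-based checker over a constructed snippet that flags `==`/`!=` between a list display and a string constant, the same class of always-true/always-false comparison the report describes.

```python
import ast

def buggy_is_library(package):
    # Same shape as the reported predicate: a one-element list compared with a
    # string. list != str is always True, whatever `package` holds.
    return [package] != "non-library"

def fixed_is_library(package):
    # Assumed intent: compare the string itself (the reporter proposed no fix).
    return package != "non-library"

def is_str_const(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, str)

def find_list_vs_str_comparisons(source):
    """Return (lineno, operator) for every ==/!= whose operands are a list
    display on one side and a string constant on the other. Such a comparison
    has a fixed truth value regardless of runtime data."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Compare):
            continue
        operands = [node.left, *node.comparators]
        for op, left, right in zip(node.ops, operands, operands[1:]):
            if not isinstance(op, (ast.Eq, ast.NotEq)):
                continue
            list_side = isinstance(left, ast.List) or isinstance(right, ast.List)
            str_side = is_str_const(left) or is_str_const(right)
            if list_side and str_side:
                hits.append((node.lineno, type(op).__name__))
    return hits

# Constructed snippet: line 2 has the reported pattern, line 4 the fixed form.
SAMPLE = '''
if [package] != "non-library":
    handle_library()
if package != "non-library":
    handle_library()
'''

if __name__ == "__main__":
    print(buggy_is_library("non-library"))       # True: the bug
    print(fixed_is_library("non-library"))       # False
    print(find_list_vs_str_comparisons(SAMPLE))  # [(2, 'NotEq')]
```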

github-actions[bot] commented 1 month ago

Hi there, thank you for your contribution!

This issue has been automatically marked as stale because it has not had recent activity. It will be closed automatically if no further activity occurs.

If you would like this issue to remain open please:

  1. Verify that you can still reproduce the issue at hand
  2. Comment that the issue is still reproducible and include:
    • What OS and version you reproduced the issue on
    • What steps you followed to reproduce the issue

NOTE: If this issue was closed prematurely, please leave a comment.

Thanks!