bug-gnu-utils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] Fix building with glibc-2.16.6

From: Petr Písař
Subject: [PATCH] Fix building with glibc-2.16.6
Date: Thu, 2 Aug 2012 18:03:07 +0200 
Ported to sharutils-4.11.1 from gnulib commit:

>From 66712c23388e93e5c518ebc8515140fa0c807348 Mon Sep 17 00:00:00 2001
From: Eric Blake <address@hidden>
Date: Thu, 29 Mar 2012 13:30:41 -0600
Subject: [PATCH] stdio: don't assume gets any more

Gnulib intentionally does not have a gets module, and now that C11
and glibc have dropped it, we should be more proactive about warning
any user on a platform that still has a declaration of this dangerous
interface.
---
 lib/stdio.in.h    | 12 +++++++-----
 m4/stdio_h.m4     |  4 ++--
 m4/warn-on-use.m4 |  4 ++--
 3 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/lib/stdio.in.h b/lib/stdio.in.h
index 57e93ba..6ab9c8b 100644
--- a/lib/stdio.in.h
+++ b/lib/stdio.in.h
@@ -176,10 +176,12 @@ _GL_WARN_ON_USE (fflush, "fflush is not always POSIX 
compliant - "
 #endif
 
 /* It is very rare that the developer ever has full control of stdin,
-   so any use of gets warrants an unconditional warning.  Assume it is
-   always declared, since it is required by C89.  */
+   so any use of gets warrants an unconditional warning; besides, C11
+   removed it.  */
 #undef gets
+#if HAVE_RAW_DECL_GETS
 _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
 
 #if @GNULIB_FOPEN@
 # if @REPLACE_FOPEN@
@@ -902,9 +904,9 @@ _GL_WARN_ON_USE (snprintf, "snprintf is unportable - "
 # endif
 #endif
 
-/* Some people would argue that sprintf should be handled like gets
-   (for example, OpenBSD issues a link warning for both functions),
-   since both can cause security holes due to buffer overruns.
+/* Some people would argue that all sprintf uses should be warned about
+   (for example, OpenBSD issues a link warning for it),
+   since it can cause security holes due to buffer overruns.
    However, we believe that sprintf can be used safely, and is more
    efficient than snprintf in those safe cases; and as proof of our
    belief, we use sprintf in several gnulib modules.  So this header
diff --git a/m4/stdio_h.m4 b/m4/stdio_h.m4
index 7f3ae56..990c616 100644
--- a/m4/stdio_h.m4
+++ b/m4/stdio_h.m4
@@ -34,9 +34,9 @@ AC_DEFUN([gl_STDIO_H],
 
   dnl Check for declarations of anything we want to poison if the
   dnl corresponding gnulib module is not in use, and which is not
-  dnl guaranteed by C89.
+  dnl guaranteed by both C89 and C11.
   gl_WARN_ON_USE_PREPARE([[#include <stdio.h>
-    ]], [dprintf fpurge fseeko ftello getdelim getline popen renameat
+    ]], [dprintf fpurge fseeko ftello getdelim getline gets popen renameat
     snprintf tmpfile vdprintf vsnprintf])
 ])
 
diff --git a/m4/warn-on-use.m4 b/m4/warn-on-use.m4
index e0d0f27..4b07efb 100644
--- a/m4/warn-on-use.m4
+++ b/m4/warn-on-use.m4
@@ -18,8 +18,8 @@ dnl with or without modifications, as long as this notice is 
preserved.
 # some systems declare functions in the wrong header, then INCLUDES
 # should do likewise.
 #
-# If you assume C89, then it is generally safe to assume declarations
-# for functions declared in that standard (such as gets) without
+# It is generally safe to assume declarations for functions declared
+# in the intersection of C89 and C11 (such as printf) without
 # needing gl_WARN_ON_USE_PREPARE.
 AC_DEFUN([gl_WARN_ON_USE_PREPARE],
 [
-- 
1.7.11.2
reply via email to
[Prev in Thread] Current Thread [Next in Thread]