On Wed, 2012-07-18 at 23:37 +0100, Matt Burgess wrote: > However, being a perfectionist, I wasn't happy with > them hence taking so long over the upgrade. I'm after the 'correct' way > of dealing with this, which seems to be patching gnulib.
Here's the work-in-progress patch. It still wants to invoke automake/autoconf though, and I've no idea why. Hopefully someone better versed in those tools could take a look, please? The -1 patch is the minimal diff based on http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=66712c23388e93e5c518ebc8515140fa0c807348 The -2 patch is my interpretation of what the autotools will end up generating based on those changes. Ordinarily, I'd just grab a copy of the same version of autotools that was used to generate the files in the source tarball, run 'autoreconf', then add the changes it makes to the diff. However, this version of diffutils appears to have used a git snapshot of autoconf and an unreleased version of automake (1.11a), so I can't get the minimal diffs I'd like automatically. Ta, Matt.
diff -Naur diffutils-3.2.orig/lib/stdio.in.h diffutils-3.2/lib/stdio.in.h --- diffutils-3.2.orig/lib/stdio.in.h 2011-08-28 11:57:28.000000000 +0000 +++ diffutils-3.2/lib/stdio.in.h 2012-07-18 22:31:37.774166142 +0000 @@ -681,22 +681,11 @@ # endif #endif -#if @GNULIB_GETS@ -# if @REPLACE_STDIO_READ_FUNCS@ && @GNULIB_STDIO_H_NONBLOCKING@ -# if !(defined __cplusplus && defined GNULIB_NAMESPACE) -# undef gets -# define gets rpl_gets -# endif -_GL_FUNCDECL_RPL (gets, char *, (char *s) _GL_ARG_NONNULL ((1))); -_GL_CXXALIAS_RPL (gets, char *, (char *s)); -# else -_GL_CXXALIAS_SYS (gets, char *, (char *s)); -# undef gets -# endif -_GL_CXXALIASWARN (gets); /* It is very rare that the developer ever has full control of stdin, - so any use of gets warrants an unconditional warning. Assume it is - always declared, since it is required by C89. */ + so any use of gets warrants an unconditional warning; besides, C11 + removed it. */ +#undef gets +#if HAVE_RAW_DECL_GETS _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); #endif @@ -1018,9 +1007,9 @@ # endif #endif -/* Some people would argue that sprintf should be handled like gets - (for example, OpenBSD issues a link warning for both functions), - since both can cause security holes due to buffer overruns. +/* Some people would argue that all sprintf uses should warned about + (for example, OpenBSD issues a link warning for it), + since it can cause security holes due to buffer overruns. However, we believe that sprintf can be used safely, and is more efficient than snprintf in those safe cases; and as proof of our belief, we use sprintf in several gnulib modules. So this header diff -Naur diffutils-3.2.orig/m4/stdio_h.m4 diffutils-3.2/m4/stdio_h.m4 --- diffutils-3.2.orig/m4/stdio_h.m4 2011-05-18 18:31:30.000000000 +0000 +++ diffutils-3.2/m4/stdio_h.m4 2012-07-18 22:31:37.775166145 +0000 
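Review bot: The `#if HAVE_RAW_DECL_GETS` guard added in the first hunk only takes effect if configure actually probes for a raw `gets` declaration, and nothing shown here makes it do so. The -1 patch leaves configure and lib/config.hin untouched, and in the -2 patch the three configure hunks only drop `GNULIB_GETS`; none adds `gets` to the generated counterpart of the `gl_WARN_ON_USE_PREPARE` list. As written the macro would presumably stay undefined, so the `gets is a security hole - use fgets instead` warning is silently compiled out even on a libc that still declares `gets`. For the hand-written -2 variant, the configure probe list needs the same `getdelim getline gets popen` entry that m4/stdio_h.m4 receives, and checking the generated config header for `HAVE_RAW_DECL_GETS` after running configure would confirm the warning is still armed.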
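Review bot: The rewritten comment in the second hunk is missing a verb: `Some people would argue that all sprintf uses should warned about` should read `Some people would argue that all sprintf uses should be warned about`. The same line appears again in the lib/stdio.in.h section of the -2 patch. The comment block continues past the end of the hunk.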
@@ -18,7 +18,6 @@ GNULIB_GETC=1 GNULIB_GETCHAR=1 GNULIB_FGETS=1 - GNULIB_GETS=1 GNULIB_FREAD=1 dnl This ifdef is necessary to avoid an error "missing file lib/stdio-read.c" dnl "expected source file, required through AC_LIBSOURCES, not found". It is @@ -72,10 +71,10 @@ dnl Check for declarations of anything we want to poison if the dnl corresponding gnulib module is not in use, and which is not - dnl guaranteed by C89. + dnl guaranteed by both C89 and C11. gl_WARN_ON_USE_PREPARE([[#include <stdio.h> - ]], [dprintf fpurge fseeko ftello getdelim getline popen renameat - snprintf tmpfile vdprintf vsnprintf]) + ]], [dprintf fpurge fseeko ftello getdelim getline gets popen + renameat snprintf tmpfile vdprintf vsnprintf]) ]) AC_DEFUN([gl_STDIO_MODULE_INDICATOR], @@ -112,7 +111,6 @@ GNULIB_GETCHAR=0; AC_SUBST([GNULIB_GETCHAR]) GNULIB_GETDELIM=0; AC_SUBST([GNULIB_GETDELIM]) GNULIB_GETLINE=0; AC_SUBST([GNULIB_GETLINE]) - GNULIB_GETS=0; AC_SUBST([GNULIB_GETS]) GNULIB_OBSTACK_PRINTF=0; AC_SUBST([GNULIB_OBSTACK_PRINTF]) GNULIB_OBSTACK_PRINTF_POSIX=0; AC_SUBST([GNULIB_OBSTACK_PRINTF_POSIX]) GNULIB_PERROR=0; AC_SUBST([GNULIB_PERROR]) diff -Naur diffutils-3.2.orig/m4/warn-on-use.m4 diffutils-3.2/m4/warn-on-use.m4 --- diffutils-3.2.orig/m4/warn-on-use.m4 2011-08-28 11:55:52.000000000 +0000 +++ diffutils-3.2/m4/warn-on-use.m4 2012-07-18 22:31:37.775166145 +0000 @@ -1,4 +1,4 @@ -# warn-on-use.m4 serial 4 +# warn-on-use.m4 serial 5 dnl Copyright (C) 2010-2011 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, 
@@ -18,8 +18,8 @@ # some systems declare functions in the wrong header, then INCLUDES # should do likewise. # -# If you assume C89, then it is generally safe to assume declarations -# for functions declared in that standard (such as gets) without +# It is generally safe to assume declarations for functions declared +# in the intersection of C89 and C11 (such as printf) without # needing gl_WARN_ON_USE_PREPARE. AC_DEFUN([gl_WARN_ON_USE_PREPARE], [
diff -Naur diffutils-3.2.orig/configure diffutils-3.2/configure --- diffutils-3.2.orig/configure 2011-09-02 15:19:02.000000000 +0000 +++ diffutils-3.2/configure 2012-07-18 22:58:48.215138181 +0000 @@ -1078,7 +1078,6 @@ GNULIB_PERROR GNULIB_OBSTACK_PRINTF_POSIX GNULIB_OBSTACK_PRINTF -GNULIB_GETS GNULIB_GETLINE GNULIB_GETDELIM GNULIB_GETCHAR @@ -10006,7 +10005,6 @@ GNULIB_GETCHAR=0; GNULIB_GETDELIM=0; GNULIB_GETLINE=0; - GNULIB_GETS=0; GNULIB_OBSTACK_PRINTF=0; GNULIB_OBSTACK_PRINTF_POSIX=0; GNULIB_PERROR=0; @@ -22530,7 +22528,6 @@ GNULIB_GETC=1 GNULIB_GETCHAR=1 GNULIB_FGETS=1 - GNULIB_GETS=1 GNULIB_FREAD=1 diff -Naur diffutils-3.2.orig/doc/Makefile.in diffutils-3.2/doc/Makefile.in --- diffutils-3.2.orig/doc/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/doc/Makefile.in 2012-07-18 22:58:48.220138196 +0000 @@ -306,7 +306,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff -Naur diffutils-3.2.orig/gnulib-tests/Makefile.in diffutils-3.2/gnulib-tests/Makefile.in --- diffutils-3.2.orig/gnulib-tests/Makefile.in 2011-09-02 12:32:33.000000000 +0000 +++ diffutils-3.2/gnulib-tests/Makefile.in 2012-07-18 22:58:48.221138199 +0000 @@ -1037,7 +1037,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff -Naur diffutils-3.2.orig/lib/Makefile.in diffutils-3.2/lib/Makefile.in --- diffutils-3.2.orig/lib/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/lib/Makefile.in 2012-07-18 22:58:48.222138202 +0000 
@@ -372,7 +372,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ @@ -2268,7 +2267,6 @@ -e 's/@''GNULIB_GETCHAR''@/$(GNULIB_GETCHAR)/g' \ -e 's/@''GNULIB_GETDELIM''@/$(GNULIB_GETDELIM)/g' \ -e 's/@''GNULIB_GETLINE''@/$(GNULIB_GETLINE)/g' \ - -e 's/@''GNULIB_GETS''@/$(GNULIB_GETS)/g' \ -e 's/@''GNULIB_OBSTACK_PRINTF''@/$(GNULIB_OBSTACK_PRINTF)/g' \ -e 's/@''GNULIB_OBSTACK_PRINTF_POSIX''@/$(GNULIB_OBSTACK_PRINTF_POSIX)/g' \ -e 's/@''GNULIB_PERROR''@/$(GNULIB_PERROR)/g' \ diff -Naur diffutils-3.2.orig/lib/config.hin diffutils-3.2/lib/config.hin --- diffutils-3.2.orig/lib/config.hin 2011-09-02 12:32:24.000000000 +0000 +++ diffutils-3.2/lib/config.hin 2012-07-18 22:59:24.244248131 +0000 @@ -682,6 +682,9 @@ /* Define to 1 if getpagesize is declared even after undefining macros. */ #undef HAVE_RAW_DECL_GETPAGESIZE +/* Define to 1 if gets is declared even after undefining macros. */ +#undef HAVE_RAW_DECL_GETS + /* Define to 1 if getsubopt is declared even after undefining macros. */ #undef HAVE_RAW_DECL_GETSUBOPT diff -Naur diffutils-3.2.orig/lib/stdio.in.h diffutils-3.2/lib/stdio.in.h --- diffutils-3.2.orig/lib/stdio.in.h 2011-08-28 11:57:28.000000000 +0000 +++ diffutils-3.2/lib/stdio.in.h 2012-07-18 22:58:48.223138205 +0000 
@@ -681,22 +681,11 @@ # endif #endif -#if @GNULIB_GETS@ -# if @REPLACE_STDIO_READ_FUNCS@ && @GNULIB_STDIO_H_NONBLOCKING@ -# if !(defined __cplusplus && defined GNULIB_NAMESPACE) -# undef gets -# define gets rpl_gets -# endif -_GL_FUNCDECL_RPL (gets, char *, (char *s) _GL_ARG_NONNULL ((1))); -_GL_CXXALIAS_RPL (gets, char *, (char *s)); -# else -_GL_CXXALIAS_SYS (gets, char *, (char *s)); -# undef gets -# endif -_GL_CXXALIASWARN (gets); /* It is very rare that the developer ever has full control of stdin, - so any use of gets warrants an unconditional warning. Assume it is - always declared, since it is required by C89. */ + so any use of gets warrants an unconditional warning; besides, C11 + removed it. */ +#undef gets +#if HAVE_RAW_DECL_GETS _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); #endif @@ -1018,9 +1007,9 @@ # endif #endif -/* Some people would argue that sprintf should be handled like gets - (for example, OpenBSD issues a link warning for both functions), - since both can cause security holes due to buffer overruns. +/* Some people would argue that all sprintf uses should warned about + (for example, OpenBSD issues a link warning for it), + since it can cause security holes due to buffer overruns. However, we believe that sprintf can be used safely, and is more efficient than snprintf in those safe cases; and as proof of our belief, we use sprintf in several gnulib modules. So this header diff -Naur diffutils-3.2.orig/m4/stdio_h.m4 diffutils-3.2/m4/stdio_h.m4 --- diffutils-3.2.orig/m4/stdio_h.m4 2011-05-18 18:31:30.000000000 +0000 +++ diffutils-3.2/m4/stdio_h.m4 2012-07-18 22:58:48.224138208 +0000 @@ -18,7 +18,6 @@ GNULIB_GETC=1 GNULIB_GETCHAR=1 GNULIB_FGETS=1 - GNULIB_GETS=1 GNULIB_FREAD=1 dnl This ifdef is necessary to avoid an error "missing file lib/stdio-read.c" dnl "expected source file, required through AC_LIBSOURCES, not found". It is 
@@ -72,10 +71,10 @@ dnl Check for declarations of anything we want to poison if the dnl corresponding gnulib module is not in use, and which is not - dnl guaranteed by C89. + dnl guaranteed by both C89 and C11. gl_WARN_ON_USE_PREPARE([[#include <stdio.h> - ]], [dprintf fpurge fseeko ftello getdelim getline popen renameat - snprintf tmpfile vdprintf vsnprintf]) + ]], [dprintf fpurge fseeko ftello getdelim getline gets popen + renameat snprintf tmpfile vdprintf vsnprintf]) ]) AC_DEFUN([gl_STDIO_MODULE_INDICATOR], @@ -112,7 +111,6 @@ GNULIB_GETCHAR=0; AC_SUBST([GNULIB_GETCHAR]) GNULIB_GETDELIM=0; AC_SUBST([GNULIB_GETDELIM]) GNULIB_GETLINE=0; AC_SUBST([GNULIB_GETLINE]) - GNULIB_GETS=0; AC_SUBST([GNULIB_GETS]) GNULIB_OBSTACK_PRINTF=0; AC_SUBST([GNULIB_OBSTACK_PRINTF]) GNULIB_OBSTACK_PRINTF_POSIX=0; AC_SUBST([GNULIB_OBSTACK_PRINTF_POSIX]) GNULIB_PERROR=0; AC_SUBST([GNULIB_PERROR]) diff -Naur diffutils-3.2.orig/m4/warn-on-use.m4 diffutils-3.2/m4/warn-on-use.m4 --- diffutils-3.2.orig/m4/warn-on-use.m4 2011-08-28 11:55:52.000000000 +0000 +++ diffutils-3.2/m4/warn-on-use.m4 2012-07-18 22:58:48.224138208 +0000 @@ -1,4 +1,4 @@ -# warn-on-use.m4 serial 4 +# warn-on-use.m4 serial 5 dnl Copyright (C) 2010-2011 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, 
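Review bot: Carrying the m4/stdio_h.m4 and m4/warn-on-use.m4 sections in the -2 patch alongside the hand-edited configure, lib/config.hin and Makefile.in changes is a likely reason the build still reaches for automake/autoconf. patch stamps every file it rewrites with the current time, so the .m4 inputs end up newer than the aclocal-generated macro file, which this patch does not touch, and automake's rebuild rules would then presumably rerun the tools. Either drop the two m4/ sections from -2, since the generated outputs already carry their effect, or refresh the timestamps of the generated files after patching, in dependency order. This is inferred from the file list in the patch rather than from a build log, so it should be confirmed against the actual make output.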
@@ -18,8 +18,8 @@ # some systems declare functions in the wrong header, then INCLUDES # should do likewise. # -# If you assume C89, then it is generally safe to assume declarations -# for functions declared in that standard (such as gets) without +# It is generally safe to assume declarations for functions declared +# in the intersection of C89 and C11 (such as printf) without # needing gl_WARN_ON_USE_PREPARE. AC_DEFUN([gl_WARN_ON_USE_PREPARE], [ diff -Naur diffutils-3.2.orig/man/Makefile.in diffutils-3.2/man/Makefile.in --- diffutils-3.2.orig/man/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/man/Makefile.in 2012-07-18 22:58:48.224138208 +0000 @@ -274,7 +274,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff -Naur diffutils-3.2.orig/ms/Makefile.in diffutils-3.2/ms/Makefile.in --- diffutils-3.2.orig/ms/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/ms/Makefile.in 2012-07-18 22:58:48.225138211 +0000 @@ -248,7 +248,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff -Naur diffutils-3.2.orig/src/Makefile.in diffutils-3.2/src/Makefile.in --- diffutils-3.2.orig/src/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/src/Makefile.in 2012-07-18 22:58:48.225138211 +0000 
@@ -302,7 +302,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff -Naur diffutils-3.2.orig/tests/Makefile.in diffutils-3.2/tests/Makefile.in --- diffutils-3.2.orig/tests/Makefile.in 2011-09-02 12:32:25.000000000 +0000 +++ diffutils-3.2/tests/Makefile.in 2012-07-18 22:58:48.226138214 +0000 @@ -357,7 +357,6 @@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@