From: Eric Blake Date: Thu, 5 Nov 2009 23:48:09 +0000 (-0700) Subject: build: consistently use freopen-safer X-Git-Tag: v8.1~24 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=56b85e035b77e48e7ec241b54da3f9c9d19e77d5;p=thirdparty%2Fcoreutils.git build: consistently use freopen-safer cat, head, ptx, shuf, tac, tail, tee, tr, and uniq used freopen on stdout, and were potentially vulnerable. dircolors, du, and tsort only used it on stdin, which is unaffected by freopen_safer, but this covers all uses for consistency. * cfg.mk (sc_require_stdio_safer): New rule. * gl/modules/xfreopen (Depends-on): Add freopen-safer. * gl/lib/xfreopen.c (includes): Use stdio--.h. * src/ptx.c (includes): Likewise. * src/shuf.c (includes): Likewise. * src/uniq.c (includes): Likewise. * src/dircolors.c (includes): Likewise. * src/du.c (includes): Likewise. * src/tsort.c (includes): Likewise. --- diff --git a/cfg.mk b/cfg.mk index 27349d0383..03c3fcec99 100644 --- a/cfg.mk +++ b/cfg.mk @@ -237,4 +237,16 @@ sc_prohibit_fail_0: msg='fail=0 initialization' \ $(_prohibit_regexp) +# Ensure that "stdio--.h" is used where appropriate. +sc_require_stdio_safer: + @if $(VC_LIST_EXCEPT) | grep -l '\.[ch]$$' > /dev/null; then \ + files=$$(grep -l '\bfreopen \?(' $$($(VC_LIST_EXCEPT) \ + | grep '\.[ch]$$')); \ + test -n "$$files" && grep -LE 'include "stdio--.h"' $$files \ + | grep . && \ + { echo '$(ME): the above files should use "stdio--.h"' \ + 1>&2; exit 1; } || :; \ + else :; \ + fi + include $(srcdir)/dist-check.mk diff --git a/gl/lib/xfreopen.c b/gl/lib/xfreopen.c index 61091694bb..32e68fa35c 100644 --- a/gl/lib/xfreopen.c +++ b/gl/lib/xfreopen.c @@ -21,6 +21,7 @@ #include "error.h" #include "exitfail.h" #include "quote.h" +#include "stdio--.h" #include "gettext.h" #define _(msgid) gettext (msgid) diff --git a/gl/modules/xfreopen b/gl/modules/xfreopen index 411f80bbdb..ed4ede75a4 100644 --- a/gl/modules/xfreopen +++ b/gl/modules/xfreopen @@ -8,6 +8,7 @@ lib/xfreopen.h Depends-on: error exitfail +freopen-safer quote configure.ac: diff --git a/src/dircolors.c b/src/dircolors.c index f28487ea36..54139ba379 100644 --- a/src/dircolors.c +++ b/src/dircolors.c @@ -19,7 +19,6 @@ #include #include -#include #include "system.h" #include "dircolors.h" @@ -27,6 +26,7 @@ #include "error.h" #include "obstack.h" #include "quote.h" +#include "stdio--.h" #include "xstrndup.h" /* The official name of this program (e.g., no `g' prefix). */ diff --git a/src/du.c b/src/du.c index bee006d04c..61a9c43c42 100644 --- a/src/du.c +++ b/src/du.c @@ -24,7 +24,6 @@ Rewritten to use nftw, then to use fts by Jim Meyering. */ #include -#include #include #include #include @@ -40,6 +39,7 @@ #include "quotearg.h" #include "same.h" #include "stat-time.h" +#include "stdio--.h" #include "xfts.h" #include "xstrtol.h" diff --git a/src/ptx.c b/src/ptx.c index 4947a0f91d..701fcb33f6 100644 --- a/src/ptx.c +++ b/src/ptx.c @@ -19,7 +19,6 @@ #include -#include #include #include #include "system.h" @@ -29,6 +28,7 @@ #include "quote.h" #include "quotearg.h" #include "regex.h" +#include "stdio--.h" #include "xstrtol.h" /* The official name of this program (e.g., no `g' prefix). */ diff --git a/src/shuf.c b/src/shuf.c index 0bb11abc16..71411a437a 100644 --- a/src/shuf.c +++ b/src/shuf.c @@ -19,7 +19,6 @@ #include -#include #include #include "system.h" @@ -29,6 +28,7 @@ #include "quotearg.h" #include "randint.h" #include "randperm.h" +#include "stdio--.h" #include "xstrtol.h" /* The official name of this program (e.g., no `g' prefix). */ diff --git a/src/tsort.c b/src/tsort.c index 09067f2674..cc6807a1e3 100644 --- a/src/tsort.c +++ b/src/tsort.c @@ -22,7 +22,6 @@ #include -#include #include #include #include @@ -32,6 +31,7 @@ #include "error.h" #include "quote.h" #include "readtokens.h" +#include "stdio--.h" /* The official name of this program (e.g., no `g' prefix). */ #define PROGRAM_NAME "tsort" diff --git a/src/uniq.c b/src/uniq.c index 7509bfce9c..ac7ecac53f 100644 --- a/src/uniq.c +++ b/src/uniq.c @@ -18,7 +18,6 @@ #include -#include #include #include @@ -29,6 +28,7 @@ #include "hard-locale.h" #include "posixver.h" #include "quote.h" +#include "stdio--.h" #include "xmemcoll.h" #include "xstrtol.h" #include "memcasecmp.h"