* Makefile.am (t/ax/test-defs.sh): Ensure the 't/ax' directory exists,
before trying to create 'test-defs.sh' in there. This is required in
VPATH builds.
gen-tests: simplify sourcing of helper shell files
This is a follow-up on commit v1.12.2-49-g42fb45b, for an occurrence
of '. "$am_testauxdir"/foo.sh' that wasn't in a test script, but
rather in 'gen-testsuite-part' (ending up in the tests generated by
that script).
* gen-testsuite-part: In the generated 'depcomp*.tap' tests, use
simply:
. depcomp.sh
rather than:
. "$am_testauxdir/depcomp.sh"
* maint: (38 commits)
maintcheck: fixup list of files in $(xdefs)
tests: never source test-defs.sh directly, source test-lib.sh instead
runtest: sanitize test environment
tests: remove an obsolescent self test
tests: "am_using_tap=yes" -> "am_test_protocol=tap"
tests: protect test libs against multiple inclusion
configure: testsuite shell can return early from "dot-sourced" files
tests: move sanitization and "Bournification" in the generic test lib
tests: source test defs in the generic test lib
test defs: no need to re-add $srcdir/t/ax to $PATH
tests: split test libs into "generic" and "automake-specific"
test setup: move actual calling of testsuite setup in ./defs
test setup: merge definitions of function for simple tests
test init: refactor: new function 'am_test_setup'
test init: refactor: move displaying of debugging info later
test init: refactor: new function 'am_setup_testdir'
test init: refactor: new function 'am_set_exit_traps'
configure: testsuite shell set exit traps in shell functions
test init: refactor: new function 'am_exit_trap'
test init: refactor: new function 'process_requirements'
...
* testsuite-refactor: (33 commits)
maintcheck: fixup list of files in $(xdefs)
tests: never source test-defs.sh directly, source test-lib.sh instead
runtest: sanitize test environment
tests: remove an obsolescent self test
tests: "am_using_tap=yes" -> "am_test_protocol=tap"
tests: protect test libs against multiple inclusion
configure: testsuite shell can return early from "dot-sourced" files
tests: move sanitization and "Bournification" in the generic test lib
tests: source test defs in the generic test lib
test defs: no need to re-add $srcdir/t/ax to $PATH
tests: split test libs into "generic" and "automake-specific"
test setup: move actual calling of testsuite setup in ./defs
test setup: merge definitions of function for simple tests
test init: refactor: new function 'am_test_setup'
test init: refactor: move displaying of debugging info later
test init: refactor: new function 'am_setup_testdir'
test init: refactor: new function 'am_set_exit_traps'
configure: testsuite shell set exit traps in shell functions
test init: refactor: new function 'am_exit_trap'
test init: refactor: new function 'process_requirements'
...
tests: never source test-defs.sh directly, source test-lib.sh instead
After the recent re-organization, sourcing 'test-defs.sh' directly might
not work well and cause spurious failures or other unexpected behaviours.
We should source 'test-lib.sh' instead, which contains not more direct
code execution (only definition of shell variables/functions, or sourcing
of other '*.sh' with the same property), is protected against multiple
inclusions, and sources 'test-defs.sh' automatically in in a proper way.
* t/testsuite-summary-count.sh, t/tap-summary.sh, t/tap-summary-color.sh,
t/testsuite-summary-color.sh: Source 'test-lib.sh', not 'test-defs.sh'.
* gen-testsuite-part: Likewise, in the generated wrapper scripts.
* runtest.in: Here, similarly to what is done by AM_TESTS_ENVIRONMENT
in Makefile.am, unset variables that should be under the complete control
of the test framework, and that could create havoc if inherited from the
environment. This remove the need to check against possible environment
"pollution" ...
* t/ax/test-defs.in: ... in here.
* Makefile.am (AM_TESTS_ENVIRONMENT): Add a comment about the need of
synchronization with 'runtest.in'.
* t/self-check-env-sanitize.tap: Remove as obsolete.
* t/list-of-tests.mk: Adjust.
* t/self-check-tap.sh: This. The recent reorganization and code
moving between 'test-defs.sh' and 'test-lib.sh' has made it
brittle and prone to failures. Since the usefulness of this self
check is extremely limited, it's not worth trying to fix it. Just
remove it.
* t/list-of-tests.mk: Adjust.
And similarly, "am_using_tap=no" -> "am_test_protocol=none".
The new '$am_test_protocol' name is clearer, and will allow the easy
addition of further test protocols in the future. This is not truly
relevant for automake, but we are trying to make some parts of our
testsuite framework as general as possible, in view of a future move
to a more generic project like Gnulib.
* Makefile.am, t/ax/am-test-lib.sh, t/ax/test-defs.in, t/ax/test-lib.sh,
t/self-check-env-sanitize.tap, t/self-check-tap.sh: Adjust.
* syntax-checks.mk (sc_tests_obsolete_variables): Add 'am_using_tap' to
the list of obsolete variables to check against.
tests: protect test libs against multiple inclusion
* t/ax/test-lib.sh, t/ax/am-test-lib.sh: Return early if already sourced.
Use the witness variables '$test_lib_sourced' and '$am_test_lib_sourced',
respectively, for this purpose.
* runtest.in, Makefile.am (AM_TESTS_ENVIRONMENT): Unset 'test_lib_sourced'
and 'am_test_lib_sourced', to avoid interferences from the environment.
test defs: no need to re-add $srcdir/t/ax to $PATH
* t/ax/test-defs.sh: Here. That is already done by both 'runtest' and
AM_TESTS_ENVIRONMENT, and the presence of '$srcdir/t/ax' in $PATH is
anyway required, after the recent changes, for our testsuite framework
to work at all.
tests: split test libs into "generic" and "automake-specific"
This is the first step in the quest to merge the generically useful
parts of our test suite framework in a more generic project, like
Gnulib. Time will tell if we'll succeed, and whether the success will
be worth the extra hassle.
* t/ax/test-init.sh: Split out ...
* t/ax/am-test-lib.sh, t/ax/test-lib.sh: ... into these two tests.
* defs, Makefile.am: Adjust.
test setup: merge definitions of function for simple tests
* t/ax/plain-functions.sh: Delete, moving the definitions of ...
($stderr_fileno_): ... this variable ...
(warn_, fail_, skip_, skip_all_, fatal_, framework_failure_): ... and
these functions ...
* t/ax/test-init.sh: ... in here. This allow us to use those functions
earlier in this file (instead of having to duplicate their behaviour
with inlined code). The TAP-based tests are still able to override these
functions later to their TAP-enhanced equivalents when 'tap-functions.sh'
is sourced.
* Makefile.am (dist_noinst_DATA): Remove 't/ax/plain-functions.sh'.
* t/ax/tap-functions.sh: Adjust a comment.
* t/ax/test-init.sh (am_test_setup): Here.
Call it from the main code. Remove other calls of functions and
settings that are now duly called by 'am_test_setup'.
configure: testsuite shell set exit traps in shell functions
* configure.ac: Check that the shell selected to run the test
scripts can set an exit trap in a shell function, without having
that trap executed at the termination of the function rather
than of the scripts. According to the Autoconf manual, at least
AUX 5.3 /bin/sh suffers of such a bug.
test init: remove a couple of paranoid sanity checks
* t/ax/test-init.sh: Here, about 'am_top_srcdir' and 'am_top_builddir';
the values of those variables are AC_SUBST'd, so it's nigh impossible
for the to be wrong or get "messed up".
Now that the early $PATH setup in both 'runtest' and AM_TESTS_ENVIRONMENT
allow the '.' built-in to find to-be-sourced shell scripts in the 't/ax/'
directory automatically, we can simplify several usages like:
. "$am_testauxdir"/foo.sh
to just:
. foo.sh
Also, because our test scripts run with the 'errexit' flag active, and
because POSIX mandates that, when the '.' built-in is used,
... if no readable file is found, a non-interactive shell shall abort ...
We can do so with minimal churn, now that the early setup of $PATH in
both 'runtest' and AM_TESTS_ENVIRONMENT allow the '.' built-in to find
to-be-sourced shell scripts in 't/ax' automatically, both in in-tree
and VPATH builds.
With this change, we take another step forward a more rational and
"segregated" organization of our testsuite framework.
tests: update PATH early from AM_TESTS_ENVIRONMENT and runtest
Because the POSIX standards mandate that sourcing a file with ". FILE"
will cause FILE (assuming it is a relative containing no slashes) to be
looked for in PATH, such a move will allow us to simplify our sourcing
of shell testing libraries like (currently) 't/ax/test-init.sh' and
'defs', and to modularize and re-organize them better in the feature,
with minimal churn.
* runtest.in, Makefile.am (AM_TEST_ENVIRONMENT): Prepend $(abs_srcdir)/t/ax
and $(abs_builddir)/t/ax (in that order) to PATH; do so avoiding repetition
in the common case of non-VPATH builds.
runtest: export $srcdir for use by the test scripts
This is mostly a preparatory change in view of future ones. But it
also make the behaviour of runtest more similar to that of the test
harness used by "make check".
* runtest.in: Export srcdir (was already defined to '@srcdir@').
* gen-testsuite-part ($testauxdir): New, defined to "$testdir/ax".
Use it throughout, for better encapsulation and less duplication.
($auxdir): Remove as unneeded.
gen-tests: less hard-coding of 't' as the test directory
This will make life easier for us in case we decide to rename the
testsuite directory in the future (perhaps to something like 'tests',
which is somewhat less cryptic than the current 't').
* gen-testsuite-part ($testdir): New variable, used throughout instead
of hard-coding the name of the test directory to 't'.
All the script adjusted to make proper use of '$testdir'.
($auxdir): Move its definition earlier, for consistency with the one
of '$testdir'.
build: auxiliary testsuite files/scripts built by "make all"
This will allow the developers to run a tests case by hand out of
a newly extracted tarball simply doing:
$ ./configure && make
$ ./runtest t/the-test-case.sh
while before this change one has to resort to:
$ ./configure && make && make check TESTS=
$ ./runtest t/the-test-case.sh
or, with some non-GNU makes, even:
$ ./configure && make && make check TESTS= AM_MAKEFLAGS="TESTS="
$ ./runtest t/the-test-case.sh
This come very handy sometimes, especially when doing one-shot
debugging. Admittedly not a big deal, but one less friction in
the build system is always nice.
* Makefile.am (check_SCRIPTS, dist_check_DATA, nodist_check_DATA):
Move their content to ...
(noinst_SCRIPTS, dist_noinst_DATA, nodist_noinst_DATA): ... these
variables.
Adjust comments.
* t/list-of-tests.mk (handwritten_TESTS): Don't list ($perf_TESTS) in
here anymore.
* Makefile.am (EXTRA_DIST): Add them explicitly.
(perf): New target, run the performance tests and save the logs of
the ones with unexpected results in the file 't/perf/test-suite.log',
which is thus ...
(PERF_TEST_SUITE_LOG): ... defined in this variable ...
(CLEANFILES): ... and added to this.
(test_subdirs): Remove 't/perf': the tests in there are no more
listed in $(TESTS).
* t/ax/test-init.sh: Don't explicitly skip "perf" test here.
runtest: pass *all* the given shell options to the test invocation
* runtest.in: Here. This didn't work previously because, in our
option parsing loop, we were mistakenly redefining '$shell_opts'
each time, instead of appending to it.
* defs-static.in: Here: do not state anymore that this file should execute
correctly with any system's /bin/sh shell, as this is not true anymore: the
testsuite assumes a POSIX shell throughout these days.
runtest: support option --shell, tell which shell should run the test
* runtest.in: Here. The same effect could have been obtained by
exporting AM_TEST_RUNNER_SHELL to the desired value, but the new
API is simpler and requires less typing and less thinking.
tests: avoid spurious failure when running as root
Fixes automake bug#12041.
* t/primary-prefix-couples-force-valid.sh: If run as root, don't expect
a "test -x" on a non-executable files to fail: for root, all files are
executable (as well as readable and writable), and at least on Solaris
10 that causes "test -x" to succeed also on non-executable files.
* t/dist-formats.tap: Here. Otherwise, some inferior awk implementations,
like OpenIndiana /usr/xpg4/bin/awk, could be confused and cause spurious
errors in the testsuite harness.
* lib/am/tags.am (am__define_uniq_tagged_files): New variable,
factor out some code common to ...
(ctags-am, tags-am, ID): ... the recipes of these targets.
tests: avoid a spurious failure with Solaris /bin/sh
The /bin/sh shell on Solaris is dumb enough not to set the exit
status to 127 after the execution of a non-existing command is
attempted:
$ /bin/sh -c 'nonesuch'; echo stat = $?
/bin/sh: nonesuch: not found
stat = 1
This means that the missing script, when run through that shell,
cannot discriminate between a real failure of a maintainer tool
and a failure due to its absence. This is not a big deal in
practice (especially because all the 'missing' invocations in
our Makefiles are done with $(SHELL), and that is almost surely
set by configure to a proper POSIX shell), but was causing an
annoying failure in our testsuite. Fix it.
* t/missing3.sh: If 'missing' is run with a /bin/sh shell suffering
from the just-described bug, skip the check that would spuriously
fail due to that bug.
* t/missing3.sh: Be sure to use 'run_cmd' also in the first invocation
of 'missing', to ensure the stderr will actually be saved in a file we
can later grep.
* maint:
self tests: avoid spurious failures on older bash
tests: remove t/parallel-tests-many.sh (fixes spurious failure)
typofix: in a comment in the automake script
news: minor fixlets and reordering
* t/self-check-explicit-skips.sh: Remove or rework few checks for use
cases that are no more relevant nor supported now that we've got rid
of the need to use the 'Exit' function explicitly. Make the other
existing checks stricter.
That test was checking for automake#7868 "parallel-tests and command-line
length limit issue". That bug is still open, and the tests was xfailing.
What concerns us is that the test was also causing an annoying problem.
On Solaris 10, it produced a '.log' file with two overly-long lines (more
than 1 million characters long!) and that was causing the test harness to
experience spurious failures, with Solaris XPG4 awk complaining that:
/usr/xpg4/bin/awk: line 0 (NR=734): Record too long (LIMIT: 19999 bytes)
A little consideration shows that the bug#7868 checked by the culprit
test cannot be solved "by accident", e.g., by another bug fix or some
simple refactoring, so there is little added value in keeping the xfailing
test for it, if this causes other problems (and we've seen it does).
So we just remove the test. In case we ever manage to fix the bug in
mainline automake, we can copy over the similar test(s) from Automake-NG,
which has actually managed to fix the bug (and have simpler test cases
for it).
* t/parallel-tests-many.sh: Delete.
* t/list-of-tests.mk (XFAIL_TESTS, handwritten_TESTS): Remove it.
check: support colorized testsuite output by default
Fixes automake bug#11855.
With this change, we make the 'color-tests' option enabled by default.
That option remains still silently accepted as a no-op, for backward
compatibility.
The developer of a package is still free to disable testsuite coloring on
a per-makefile basis (by adding "AM_COLOR_TESTS = no" to the Makefile.am)
or on a whole-project basis (by AC_SUBST'ing AM_COLOR_TESTS to "no" in
configure.ac). But now the user will be able to request the testsuite
output to be colorized, if he really wants to:
# With GNU make:
make AM_COLOR_TESTS=yes check
# With non-GNU make:
make AM_COLOR_TESTS=yes AM_MAKEFLAGS=AM_COLOR_TESTS=yes check
* NEWS: Update.
* doc/automake.texi: Updated, and some related minor reformatting
and rewording.
* automake.in (handle_tests): No need to pass the transform '%COLOR%'
when processing "check.am".
* lib/am/parallel-tests.am: Remove use of the '%?COLOR%' transform;
just act as if it were unconditionally TRUE.
* t/color.sh: No need to specify 'color-tests' in 'AUTOMAKE_OPTIONS'
nor in 'AM_INIT_AUTOMAKE'.
* t/ax/testsuite-summary-checks.sh: Likewise.
* t/ax/tap-summary-aux.sh: Likewise.
* t/color2.sh: Likewise. Also, ensure that colorized testsuite output
can be disabled by default by calling "AC_SUBST([AM_COLOR_TESTS], [no])".
* t/tap-realtime.sh: Define 'AM_COLOR_TESTS' to "no" in Makefile.am, to
avoid spurious colorization of the output due to the use of the 'expect'
program.
* t/color-tests-opt.sh: New test, check that the 'color-tests' option is
still recognized as a no-op.
* t/list-of-tests.mk: Add the new test.
tags: unify recursion for tags targets with that of "usual" targets
This change has a side effect: now any failure of the 'tags', 'ctags',
'cscope' and 'cscopelist' targets in a subdirectory will cause the
recursive command issued from the top directory to fail. We believe
that this behavioural change is not only justified by the simplification
this patch entails, but actually offers better semantics: ignoring
failures by default is never a good idea, and with make, the user can
anyway order the completion of commands in the face of possible failures
with the '-k' option.
* NEWS: Update.
* automake.in (%required_targets): Add keys 'cscopelist-am', 'tags-am'
and 'ctags-am'.
(handle_tags): Greatly simplified, the major part of the handling of
recursion for the 'tags', 'ctags' and 'cscopelist' now moved out to ...
* lib/am/tags.am: ... this file, that has been adjusted and extended
accordingly.
* t/maken3.sh: Remove testing of the 'TAGS' target, that is now just
an alias to 'tags'. Without this change, this test would spuriously
fail.
* maint:
fixup: delete "# serial" line in m4/amversion.in
news: update about recent ylwrap changes and fixes
m4: get rid of "# serial" lines
configure: ${#param} must be supported by the shell for the testsuite
yacc tests: fix a spurious failure with parallel make
ylwrap: use proper quoting inside a `...` substitution
ylwrap: don't uselessly reset the exit status in case of failure
ylwrap: fix C++ support for Bison
ylwrap: refactor: move loop invariant
ylwrap: refactoring: don't rely on the file order
tests: upgrade and fix Bison test case
tests: fix bison input file
ylwrap: comment changes
ylwrap: modernize idioms
ylwrap: rename header inclusion in generated parsers
ylwrap: simplify the list of renamings
ylwrap: refactor: less duplication
* yacc-work:
news: update about recent ylwrap changes and fixes
yacc tests: fix a spurious failure with parallel make
ylwrap: use proper quoting inside a `...` substitution
ylwrap: don't uselessly reset the exit status in case of failure
ylwrap: fix C++ support for Bison
ylwrap: refactor: move loop invariant
ylwrap: refactoring: don't rely on the file order
tests: upgrade and fix Bison test case
tests: fix bison input file
ylwrap: comment changes
ylwrap: modernize idioms
ylwrap: rename header inclusion in generated parsers
ylwrap: simplify the list of renamings
ylwrap: refactor: less duplication
The "#serial" lines are only considered by aclocal for the system-wide
third-party '.m4' files, not for the Automake-provided ones. So they
serve no real purpose in the Automake '.m4' files.
In addition, now that we use git and topic branches, and that we are also
writing the Automake-NG fork, the "#serial" lines are becoming more and
more unreliable (e.g., different version of the same file in different
branches can easily end up having the same serial numbers).
So let's just nuke all the "#serial" lines. See also automake bug#11932.
ylwrap: don't uselessly reset the exit status in case of failure
* lib/ylwrap: Here. In case of a failure in the wrapped yacc/lex
invocation, '$ret' (holding the final exit status of ylwrap) was
being uselessly reset to '1' in the later if/else.
The current logic of ylwrap is to call yacc in a sub directory, and
pull out of it all the files that were requested on its command line.
Reverse this approach: export *all* the files created in the
subdirectory, but rename them according to what the command says.
This way, extra files, such as position.hh, location.hh and stack.hh
for C++ parsers, but also parser.xml or parser.dot if XML or Dot
output is enabled, will be preserved.
* lib/ylwrap (pairlist): Remove.
(main loop): Don't loop over pairlist, but over the files in the
temporary directory.
* t/list-of-tests.mk (XFAIL_TESTS): Fixes t/yacc-bison-skeleton-cxx.sh.
* THANKS (James Bostock): Add, he reported bug#7648.
* t/yacc-bison-skeleton-cxx.sh: Request locations, to be
even more stressful.
Use %union to make sure the %{...%} is inserted where appropriate.
Fix some indentation/coding style issues.
Do not provide implementations in the %{...%} section, especially if the
header is included elsewhere, since then the linker will complain about
multiple definitions.
Reported by Stefano Lattarini,
<http://lists.gnu.org/archive/html/automake-patches/2012-07/msg00126.html>.
* t/yacc-bison-skeleton.sh (zardoz.y): Define yylex and yyerror in the
epilogue.
ylwrap: rename header inclusion in generated parsers
Some types of Bison parsers, such as the GLR ones, generate a header
file that they include. ylwrap, which renames the generated files,
does not rename the included file. Fix this shortcoming, reported
for instance here:
<http://lists.gnu.org/archive/html/bug-bison/2012-06/msg00033.html>.
Fixes t/yacc-bison-skeleton.sh, see Automake bug#7648 and PR automake/491.
* lib/ylwrap (quote_for_sed): Accept arguments.
Catch more special characters.
(rename_sed): New.
Improve the previous renaming sed commands using quote_for_sed.
Suggested by Stefano Lattarini here:
<http://lists.gnu.org/archive/html/automake-patches/2012-07/msg00095.html>.
(main loop): Use rename_sed to rename the dependencies to other files.
* t/yacc-d-basic.sh: Exercise this case, even if bison/yacc was
not issuing such an include.
* t/list-of-tests.mk (XFAIL_TESTS): Adjust.
* lib/ylwrap (pairwise): Instead of being a straightforward copy from
the command line arguments, and having to deal with y.tab vs. y_tab
later, let pairwise store the real file names to process, y_tab
conversion included when needed.
(main loop): Use $to instead of $2, for symmetry with $from.
* maint:
news: mention fixed testsuite weaknesses
news: bump, for future 1.12.3
tests: verify the shell test scripts are syntactically valid
tests: don't use C instead of C++ compiler on case-insensitive platforms
tests: avoid spurious TAP errors on Mac OS X 10.7
tests: fix spurious failure in aclocal7.sh on fast machines
tests: verify the shell test scripts are syntactically valid
Fixes automake bug#11898.
This measure of extra safety is mostly motivated by the fact that some
shells (at least some versions of Bash in the 3.x release series, one
of which serves as /bin/sh on Mac OS X 10.7, as well as Bash 4.0 and the
/usr/xpg4/bin/sh shell from Solaris 10) erroneously exit with exit status
0 upon encountering a syntax error, if an exit trap is sett (as it is in
our test scripts).
* Makefile.am (check-tests-syntax): New, check that the shell test
scripts listed in $(TESTS) are syntactically correct.
(.PHONY, check-local): Depend on it.
* t/self-check-exit.tap : Remove checks verifying that a script exits
with non-zero status upon encountering a syntax error; as explained
above, we can't depend on that.
tests: don't use C instead of C++ compiler on case-insensitive platforms
This change fixes automake bug#11893 and bug#10766.
On at least Cygwin and Mac OS X 10.7, the file system where the system
compilers are located can be case-insensitive, so that looking for a
program named 'CC' might actually find the C compiler in /usr/bin/cc.
Now, the Automake configure script looks for a C++ compiler named 'CC'
before looking for more obvious names like c++ or g++ (that is done to
increase testsuite "coverage in the wild", e.g., preferring, on Solaris,
the Sun Studio C++ compiler /usr/bin/CC over the GNU C++ compiler).
Since the checks done in AC_PROG_CXX are apparently not strict enough
to rule out C compilers like those from GCC or Clang (which are smart
enough to recognize if a file has a C++ extension, passing it to the
C++ front end) the testsuite might end up using a C compiler where a
C++ one is expected, with some subtle bad consequences.
* configure.ac: Don't look for a C++ compiler named 'CC' if the
"top-level" file system(s) (where /bin and /usr/bin are) are detected
to be case-insensitive.
Reported-by: Peter Rosin <peda@lysator.liu.se> Reported-by: Max Horn <max@quendi.de> Helped-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com>
* t/suffix8.tap: The libtool bug#11895 was causing the ./configure script
to output a stray "ok" string on a line of its own, confusing the TAP
driver into thinking this was an extra test result (which resulted in the
next, real test results being flagged as "OUT-OF-ORDER"). Fix this by
protecting configure output.
* t/suffix10.tap: Likewise, and for the "make distcheck" output as well.
* THANKS: Update.
* t/aclocal7.sh: Since aclocal rewrites aclocal.m4 unless the input files
are all older than the existing aclocal.m4, so we must sleep to ensure
somedefs.m4 has an older timestamp than the aclocal.m4 the next aclocal
call will generate.
This makes the fix for a locally-exploitable security vulnerability
(CVE-2012-3386) available to the Automake master branch.
* maint:
sync: update files from upstream with "make fetch"
news: improve wording in entry about CVE-2012-3386
maint: post-release minor version bump
release: stable release 1.12.2
distcheck: never make part of $(distdir) world-writable
compat: automake should substitute @mkdir_p@, for backward compatibility
fixup: t/README: it's ./runtest, not ./t/ax/runtest
distcheck: never make part of $(distdir) world-writable
This fixes a locally-exploitable security vulnerability (CVE-2012-3386).
In the 'distcheck' rule, we used to make the just-extracted (from
the distribution tarball) $(distdir) directory and all its files and
subdirectories read-only; then, in order to create the '_inst' and
'_build' subdirectories in there (used by the rest of the recipe) we
made the top-level $(distdir) *world-writable* for an instant (the
time to create those two directories) before making it read-only
again.
Making that directory world-writable (albeit only briefly) introduced a
locally exploitable race condition for those who run "make distcheck" with
a non-restrictive umask (e.g., 022) in a directory that is accessible by
others. A successful exploit would result in arbitrary code execution
with the privileges of the user running "make distcheck" -- game over.
Jim Meyering wrote a proof-of-concept script showing that such exploit is
easily implemented.
This issue is similar to the CVE-2009-4029 vulnerability:
<http://lists.gnu.org/archive/html/automake/2009-12/msg00012.html>
* lib/am/distdir.am (distcheck): Don't make $(distdir) world-writable,
not even for an instant; make it user-writable instead, which is enough.
Helped-By: Jim Meyering <jim@meyering.net> Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com>
compat: automake should substitute @mkdir_p@, for backward compatibility
That has been unwittingly broken by commit v1.12-19-g7a1eb9f of 2012-04-28,
"AM_PROG_MKDIR_P: deprecate, to be removed in Automake 1.13". We thought it
wasn't a big deal, but Jim Meyering reported that @mkdir_p@ is used in
gettext's Makefile.in.in template:
<http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
tests: move 'runtest' into the top-level directory
Move our wrapper script 'runtest' (meant to allow the execution of
Automake test cases from the command line) from the 't/ax/' directory
to the top-level one. This makes the script easier to find and to
invoke. Much more importantly, our DejaGNU-checking test cases won't
try anymore to use that script instead of the 'runtest' program provided
by DejaGNU (that happened because '$(srcdir)/t/ax/' is automatically
added early to the $PATH variable in our test cases), which was causing
spurious SKIPs.
projects / thirdparty / automake.git / log
