Mercurial > hg > octave-nkf > gnulib-hg
changeset 15315:94b3a0b47189
maint.mk: add syntax-check to avoid char[PATH_MAX]
POSIX allows PATH_MAX to be undefined. And even if you use the
gnulib pathmax module, where "pathmax.h" guarantees a definition,
the definition might not be constant or might be so large as to
be wasteful or cause stack overflows. PATH_MAX should only be
used as a limit or hueristic, not an array size.
* top/maint.mk (sc_prohibit_path_max_array): New rule.
Signed-off-by: Eric Blake <eblake@redhat.com>
author | Eric Blake <eblake@redhat.com> |
---|---|
date | Wed, 22 Jun 2011 15:02:24 -0600 |
parents | 517a0b73b86b |
children | b62cfb73a10c |
files | ChangeLog top/maint.mk |
diffstat | 2 files changed, 12 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2011-06-22 Eric Blake <eblake@redhat.com> + maint.mk: add syntax-check to avoid char[PATH_MAX] + * top/maint.mk (sc_prohibit_path_max_array): New rule. + stat: be robust to PATH_MAX definition * lib/stat.c (rpl_stat): Require reasonable PATH_MAX. * modules/stat (Depends-on): Add verify.
--- a/top/maint.mk +++ b/top/maint.mk @@ -1106,6 +1106,7 @@ # the other init.sh-using tests also get it right. _hv_file ?= $(srcdir)/tests/help-version _hv_regex_weak ?= ^ *\. .*/init\.sh" +# Fix syntax-highlighters " _hv_regex_strong ?= ^ *\. "\$${srcdir=\.}/init\.sh" sc_cross_check_PATH_usage_in_tests: @if test -f $(_hv_file); then \ @@ -1133,6 +1134,14 @@ halt='Use 0 or 1 for macro values' \ $(_sc_search_regexp) +# Even if you use pathmax.h to guarantee that PATH_MAX is defined, it might +# not be constant. In general, use PATH_MAX as a limit, not an array +# allocation bound. +sc_prohibit_path_max_array: + @prohibit='\[PATH''_MAX' \ + halt='Avoid arrays of size PATH_MAX' \ + $(_sc_search_regexp) + sc_vulnerable_makefile_CVE-2009-4029: @prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \ in_files=$$(find $(srcdir) -name Makefile.in) \