Akim Demaille <[EMAIL PROTECTED]> writes: > > http://www.lrde.epita.fr/~akim/download/m4-1.4.tar.gz
> That tarball is exactly Debian GNU M4 1.4. Almost: you have one change in it that's not in Debian GNU M4 1.4-17. > Gary, would you pick up the ball? There is not much to do: take > Debian GNU M4 and publish it. Do not even think about changing > configure.in and so on. To help move things along, I did all that, generated a proposed tarball, and copied it to <ftp://alpha.gnu.org/gnu/bison/m4-1.4.1.tar.gz>. Gary, can you please review it and (if you like it) publish it as ftp://ftp.gnu.org/gnu/m4/m4-1.4.1.tar.gz? Thanks. Here are the changes in this version, relative to m4 1.4. (Note that some of these changes are not in CVS m4....) 2004-06-03 Paul Eggert <[EMAIL PROTECTED]> * Release 1.4.1. * configure.in (VERSION): Bump to 1.4.1. * NEWS: Describe 1.4.1's changes. * aclocal.m4 (fp_PROG_CC_STDC): Use AC_DEFUN, not define, to pacify Autoconf 2.59. * doc/m4.texinfo: Insert commas after @xref's that lack them, to pacify Texinfo 4.7. * doc/Makefile.in (info): Remove info-1, info-2, info-3. * src/m4.h, src/debug.c: Use #ifdef __STDC__, not #if __STDC__, to pacify Sun C compilers. 2003-09-28 Akim Demaille <[EMAIL PROTECTED]> * src/symtab.c (lookup_symbol): Fix an uninitialized-variable botch. 2003-09-03 Santiago Vila <[EMAIL PROTECTED]> * examples/stackovf.sh: Use tempfile if available. 2001-04-02 Robert Bihlmeyer <[EMAIL PROTECTED]> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=92629 * src/output.c (m4_insert_file): Do not mix buffered and unbuffered I/O, as this breaks on the Hurd. (trivial change) 2001-02-01 Santiago Vila <[EMAIL PROTECTED]> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=84451 * src/m4.c (main): Fix format vulnerabilities. (trivial change) 2001-02-01 Matt Kraai <[EMAIL PROTECTED]> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=84416 * doc/m4.texinfo (Maketemp): Change maketemp to refer to a new, empty file rather than to a nonexistent file. This closes a common security hole. * src/builtin.c (m4_maketemp): Implement the above, by using mkstemp rather than mktemp. (trivial change) 2000-01-09 Akim Demaille <[EMAIL PROTECTED]> * src/builtin.c (expand_ranges): Added break after trailing dash. This caused misbehaviors on some systems. diff -pru m4-1.4/aclocal.m4 m4-1.4.1/aclocal.m4 --- m4-1.4/aclocal.m4 1994-11-01 06:47:48 -0800 +++ m4-1.4.1/aclocal.m4 2004-06-03 14:48:32 -0700 @@ -1,5 +1,5 @@ # Local additions to Autoconf macros. -# Copyright (C) 1992, 1994 Free Software Foundation, Inc. +# Copyright (C) 1992, 1994, 2004 Free Software Foundation, Inc. # Francois Pinard <[EMAIL PROTECTED]>, 1992. # @defmac AC_PROG_CC_STDC @@ -18,7 +18,7 @@ # program @code{ansi2knr}, which comes with Ghostscript. # @end defmac -define(fp_PROG_CC_STDC, +AC_DEFUN([fp_PROG_CC_STDC], [AC_MSG_CHECKING(for ${CC-cc} option to accept ANSI C) AC_CACHE_VAL(ac_cv_prog_cc_stdc, [ac_cv_prog_cc_stdc=no diff -pru m4-1.4/configure.in m4-1.4.1/configure.in --- m4-1.4/configure.in 1994-11-05 19:40:38 -0800 +++ m4-1.4.1/configure.in 2004-06-03 14:31:21 -0700 @@ -1,15 +1,13 @@ # Configure template for GNU m4. -# Copyright (C) 1991, 1993, 1994 Free Software Foundation, Inc. +# Copyright (C) 1991, 1993, 1994, 2004 Free Software Foundation, Inc. # Process this file with autoconf to produce a configure script. -undefine([changeword]) - AC_INIT(src/m4.c) AC_CONFIG_HEADER(config.h) AC_ARG_PROGRAM PRODUCT=m4 -VERSION=1.4 +VERSION=1.4.1 AC_DEFINE_UNQUOTED(PRODUCT, "$PRODUCT") AC_DEFINE_UNQUOTED(VERSION, "$VERSION") AC_SUBST(PRODUCT) diff -pru m4-1.4/doc/m4.texinfo m4-1.4.1/doc/m4.texinfo --- m4-1.4/doc/m4.texinfo 1994-10-30 16:07:39 -0800 +++ m4-1.4.1/doc/m4.texinfo 2004-06-03 14:48:59 -0700 @@ -25,7 +25,8 @@ END-INFO-DIR-ENTRY @ifinfo This file documents the GNU @code{m4} utility. -Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994 Free Software Foundation, Inc. +Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994, 2004 Free Software +Foundation, Inc. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice @@ -279,7 +280,7 @@ popularity of GNU Autoconf, which prereq for many to install it, while these people will not themselves program in @code{m4}. GNU @code{m4} is mostly compatible with the System V, Release 3 version, except for some minor differences. [EMAIL PROTECTED] for more details. [EMAIL PROTECTED], for more details. Some people found @code{m4} to be fairly addictive. They first use @code{m4} for simple problems, then take bigger and bigger challenges, @@ -349,24 +350,24 @@ issued, considering all of them to be fa @itemx [EMAIL PROTECTED] Set the debug-level according to the flags @var{flags}. The debug-level controls the format and amount of information presented by the debugging -functions. @xref{Debug Levels} for more details on the format and +functions. @xref{Debug Levels}, for more details on the format and meaning of @var{flags}. @item [EMAIL PROTECTED] @itemx [EMAIL PROTECTED] Restrict the size of the output generated by macro tracing. @xref{Debug -Levels} for more details. +Levels}, for more details. @item [EMAIL PROTECTED] @itemx [EMAIL PROTECTED] Redirect debug and trace output to the named file. Error messages are -still printed on the standard error output. @xref{Debug Output} for +still printed on the standard error output. @xref{Debug Output}, for more details. @item [EMAIL PROTECTED] @itemx [EMAIL PROTECTED] Make @code{m4} search @var{dir} for included files that are not found in -the current working directory. @xref{Search Path} for more details. +the current working directory. @xref{Search Path}, for more details. @item -e @itemx --interactive @@ -630,7 +631,7 @@ is the string @end example The quote characters can be changed at any time, using the builtin macro [EMAIL PROTECTED] @xref{Changequote} for more information. [EMAIL PROTECTED] @xref{Changequote}, for more information. @node Other tokens, Comments, Quoted strings, Syntax @section Other tokens @@ -652,7 +653,7 @@ the comment. The commenting effect of t can be inhibited by quoting it. The comment delimiters can be changed to any string at any time, using -the builtin macro @code{changecom}. @xref{Changecom} for more +the builtin macro @code{changecom}. @xref{Changecom}, for more information. @c FIXME: more examples would be useful here --ADR @@ -738,7 +739,7 @@ one has to write @code{m4_dnl} and even If your version of GNU @code{m4} has the @code{changeword} feature compiled in, there it offers far more flexibility in specifying the -syntax of macro names, both builtin or user-defined. @xref{Changeword} +syntax of macro names, both builtin or user-defined. @xref{Changeword}, for more information on this experimental feature. Of course, the simplest way to prevent a name to be interpreted @@ -1571,7 +1572,7 @@ dumpdef(`define') The last example shows how builtin macros definitions are displayed. [EMAIL PROTECTED] Levels} for information on controlling the details of the [EMAIL PROTECTED] Levels}, for information on controlling the details of the display. @node Trace, Debug Levels, Dumpdef, Debugging @@ -1622,7 +1623,7 @@ The number between dashes is the depth o of the time, signifying an expansion at the outermost level, but it increases when macro arguments contain unquoted macro calls. [EMAIL PROTECTED] Levels} for information on controlling the details of the [EMAIL PROTECTED] Levels}, for information on controlling the details of the display. @node Debug Levels, Debug Output, Trace, Debugging @@ -2886,7 +2887,7 @@ which executes @var{shell-command} as a The expansion of @code{syscmd} is void, @emph{not} the output from @var{shell-command}! Output or error messages from @var{shell-command} -are not read by @code{m4}. @xref{Esyscmd} if you need to process the +are not read by @code{m4}. @xref{Esyscmd}, if you need to process the command output. Prior to executing the command, @code{m4} flushes its output buffers. @@ -2980,7 +2981,7 @@ maketemp(@var{template}) @end example @noindent -which expands to a name of a non-existent file, made from the string +which expands to a name of a new, empty file, made from the string @var{template}, which should end with the string @samp{XXXXXX}. The six @code{X}'s are then replaced, usually with something that includes the process id of the @code{m4} process, in order to make the filename unique. @@ -2989,15 +2990,8 @@ process id of the @code{m4} process, in @example maketemp(`/tmp/fooXXXXXX') @result{}/tmp/fooa07346 -maketemp(`/tmp/fooXXXXXX') [EMAIL PROTECTED]/tmp/fooa07346 @end example -As seen in the example, several calls of @code{maketemp} might expand to -the same string, since the selection criteria is whether the file exists -or not. If a file has not been created before the next call, the two -macro calls might expand to the same name. - The builtin macro @code{maketemp} is recognized only when given arguments. diff -pru m4-1.4/doc/Makefile.in m4-1.4.1/doc/Makefile.in --- m4-1.4/doc/Makefile.in 1994-11-05 12:52:26 -0800 +++ m4-1.4.1/doc/Makefile.in 2004-06-03 14:57:58 -0700 @@ -1,5 +1,5 @@ # Makefile for GNU m4 documentation. -# Copyright (C) 1994 Free Software Foundation, Inc. +# Copyright (C) 1994, 2004 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -33,7 +33,7 @@ infodir = $(prefix)/info .SUFFIXES: DISTFILES = Makefile.in m4.texinfo texinfo.tex \ -stamp-vti version.texi m4.info m4.info-1 m4.info-2 m4.info-3 +stamp-vti version.texi m4.info all: m4.info diff -pru m4-1.4/examples/stackovf.sh m4-1.4.1/examples/stackovf.sh --- m4-1.4/examples/stackovf.sh 1994-07-17 05:20:55 -0700 +++ m4-1.4.1/examples/stackovf.sh 2003-09-28 02:05:43 -0700 @@ -21,7 +21,7 @@ PATH=.:..:$PATH; export PATH; M4=m4 type $M4 -tmpfile=/tmp/t.$$ +tmpfile=`tempfile 2> /dev/null` || tmpfile=/tmp/t.$$ trap 'rm -f $tmpfile; exit 1' 1 2 3 15 rm -f core diff -pru m4-1.4/NEWS m4-1.4.1/NEWS --- m4-1.4/NEWS 1994-10-29 18:49:50 -0700 +++ m4-1.4.1/NEWS 2004-06-03 15:10:03 -0700 @@ -1,5 +1,10 @@ GNU m4 NEWS - User visible changes. -Copyright (C) 1992, 1993, 1994 Free Software Foundation, Inc. +Copyright (C) 1992, 1993, 1994, 2004 Free Software Foundation, Inc. + +Version 1.4.1 - June 2004, by Paul Eggert + +* maketemp now creates an empty file with the given name, instead of merely + returning the name of a nonexistent file. This closes a security hole. Version 1.4 - October 1994, by Franc,ois Pinard diff -pru m4-1.4/src/builtin.c m4-1.4.1/src/builtin.c --- m4-1.4/src/builtin.c 1994-08-31 09:45:12 -0700 +++ m4-1.4.1/src/builtin.c 2004-06-03 14:25:09 -0700 @@ -1,5 +1,7 @@ /* GNU m4 -- A simple macro processor - Copyright (C) 1989, 90, 91, 92, 93, 94 Free Software Foundation, Inc. + + Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994, 2000 Free + Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1076,9 +1078,15 @@ m4_sinclude (struct obstack *obs, int ar static void m4_maketemp (struct obstack *obs, int argc, token_data **argv) { + int fd; if (bad_argc (argv[0], argc, 2, 2)) return; - mktemp (ARG (1)); + if ((fd = mkstemp (ARG (1))) < 0) + { + M4ERROR ((warning_status, errno, "Cannot create tempfile %s", ARG (1))); + return; + } + close(fd); obstack_grow (obs, ARG (1), strlen (ARG (1))); } @@ -1380,7 +1388,11 @@ expand_ranges (const char *s, struct obs { to = *++s; if (to == '\0') - obstack_1grow (obs, '-'); /* trailing dash */ + { + /* trailing dash */ + obstack_1grow (obs, '-'); + break; + } else if (from <= to) { while (from++ < to) diff -pru m4-1.4/src/debug.c m4-1.4.1/src/debug.c --- m4-1.4/src/debug.c 1994-10-30 12:47:50 -0800 +++ m4-1.4.1/src/debug.c 2004-06-03 15:06:58 -0700 @@ -1,5 +1,5 @@ /* GNU m4 -- A simple macro processor - Copyright (C) 1991, 1992, 1993, 1994 Free Software Foundation, Inc. + Copyright (C) 1991, 1992, 1993, 1994, 2004 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,7 @@ #include <sys/stat.h> -#if __STDC__ +#ifdef __STDC__ #include <stdarg.h> #else #include <varargs.h> @@ -220,7 +220,7 @@ debug_message_prefix (void) | left quote) and %r (optional right quote). | `---------------------------------------------------------------------*/ -#if __STDC__ +#ifdef __STDC__ static void trace_format (const char *fmt, ...) #else @@ -228,7 +228,7 @@ static void trace_format (...) #endif { -#if ! __STDC__ +#ifndef __STDC__ const char *fmt; #endif va_list args; @@ -240,7 +240,7 @@ trace_format (...) int slen; int maxlen; -#if __STDC__ +#ifdef __STDC__ va_start (args, fmt); #else va_start (args); diff -pru m4-1.4/src/m4.c m4-1.4.1/src/m4.c --- m4-1.4/src/m4.c 1994-11-01 19:14:28 -0800 +++ m4-1.4.1/src/m4.c 2003-09-28 02:05:43 -0700 @@ -369,7 +369,7 @@ main (int argc, char *const *argv, char case 'o': if (!debug_set_output (optarg)) - error (0, errno, optarg); + error (0, errno, "%s", optarg); break; case 's': @@ -466,7 +466,7 @@ main (int argc, char *const *argv, char fp = path_search (argv[optind]); if (fp == NULL) { - error (0, errno, argv[optind]); + error (0, errno, "%s", argv[optind]); continue; } else diff -pru m4-1.4/src/m4.h m4-1.4.1/src/m4.h --- m4-1.4/src/m4.h 1994-10-30 23:15:50 -0800 +++ m4-1.4.1/src/m4.h 2004-06-03 15:06:46 -0700 @@ -1,5 +1,7 @@ /* GNU m4 -- A simple macro processor - Copyright (C) 1989, 90, 91, 92, 93, 94 Free Software Foundation, Inc. + + Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994, 2004 Free + Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -26,7 +28,7 @@ #include <sys/types.h> -#if __STDC__ +#ifdef __STDC__ # define voidstar void * #else # define voidstar char * diff -pru m4-1.4/src/output.c m4-1.4.1/src/output.c --- m4-1.4/src/output.c 1994-09-01 23:27:40 -0700 +++ m4-1.4.1/src/output.c 2003-09-28 02:05:43 -0700 @@ -467,12 +467,12 @@ insert_file (FILE *file) /* Insert output by big chunks. */ - while (length = read (fileno (file), buffer, COPY_BUFFER_SIZE), + errno = 0; + while (length = fread (buffer, 1, COPY_BUFFER_SIZE, file), length != 0) - if (length == (size_t) -1) - M4ERROR ((EXIT_FAILURE, errno, "ERROR: Reading inserted file")); - else - output_text (buffer, length); + output_text (buffer, length); + if (errno) + M4ERROR ((EXIT_FAILURE, errno, "ERROR: Reading inserted file")); } /*-------------------------------------------------------------------------. diff -pru m4-1.4/src/symtab.c m4-1.4.1/src/symtab.c --- m4-1.4/src/symtab.c 1994-11-01 19:11:34 -0800 +++ m4-1.4.1/src/symtab.c 2004-06-03 14:46:40 -0700 @@ -1,6 +1,8 @@ /* GNU m4 -- A simple macro processor - Copyright (C) 1989, 90, 91, 92, 93, 94 Free Software Foundation, Inc. - + + Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994, 2003 Free + Software Foundation, Inc. + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) @@ -147,6 +149,9 @@ lookup_symbol (const char *name, symbol_ SYMBOL_TYPE (sym) = TOKEN_VOID; SYMBOL_TRACED (sym) = SYMBOL_SHADOWED (sym) = FALSE; SYMBOL_NAME (sym) = xstrdup (name); + SYMBOL_SHADOWED (sym) = FALSE; + SYMBOL_MACRO_ARGS (sym) = FALSE; + SYMBOL_BLIND_NO_ARGS (sym) = FALSE; SYMBOL_NEXT (sym) = *spp; (*spp) = sym; _______________________________________________ Bug-m4 mailing list [EMAIL PROTECTED] http://lists.gnu.org/mailman/listinfo/bug-m4
