> Index: gen-make.py
> ===================================================================
> --- gen-make.py       (revision 1514179)
> +++ gen-make.py       (working copy)
> @@ -278,6 +278,9 @@ if __name__ == '__main__':
>    except getopt.GetoptError, e:
>      _usage_exit(str(e))
>  
> +  if args and args[0] == '¥n':
> +    _usage_exit("argument must not be end-of-line.")
> +

I think that's the wrong fix.  Input validation should be done by
checking that the input is valid, not by ruling out every known invalid
value.[1]  In this case: by checking os.path.exists() at the point in the
code that tries to interpret the argument as a filename.

That point could be claimed to be gen-make.py:287 or gen_base.py:78.  In
the latter, we can either use ConfigParser.ConfigParser.read() and add
an explicit os.path.exists() / os.access(R_OK) check, or maybe we could
use .readfp() instead of .read() --- that should cause a better stack
trace.

Cheers,

Daniel

[1] Also, "\n" is a valid filename on unix, and the code path you
patched runs on unix too.

>    conf = 'build.conf'
>    skip = 0
>    gentype = 'make'
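
Review bot: the check added after the getopt handler compares only args[0] against one literal, so any other unusable value for that argument still passes through unchanged; testing what a valid argument looks like at the place where it is consumed would cover this case and the others. As quoted here the literal reads '¥n', with a yen sign where a backslash would be expected, and in that form it is a two-character string that never equals a newline. The message "argument must not be end-of-line." also does not say which argument is meant or what was expected instead.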
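
An added example, not code from this thread or from the project, contrasting the two approaches the reply names: ConfigParser's read() against opening the file yourself and passing the handle on. It assumes Python 3 (configparser and read_file() stand in for the thread's ConfigParser and readfp()) and a unix filesystem; the file names and config contents are constructed.

```python
import configparser
import os
import tempfile


def load_lenient(path):
    """read() silently skips files it cannot open; it returns the list of
    files actually parsed, which callers rarely check."""
    parser = configparser.ConfigParser()
    parsed = parser.read(path)
    return parser.sections(), parsed


def load_strict(path):
    """Validate at the point of use: open the file ourselves, so any
    unusable path raises OSError naming that path."""
    parser = configparser.ConfigParser()
    with open(path) as fp:
        parser.read_file(fp)  # Python 3 name for readfp()
    return parser.sections()


def precheck(path):
    """The explicit os.path.exists() / os.access(R_OK) variant."""
    if not os.path.exists(path):
        return "no such file: %r" % path
    return None if os.access(path, os.R_OK) else "not readable: %r" % path


def demo():
    """Constructed inputs: a missing path and a config file named "\\n"."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        missing = os.path.join(tmp, "no-such.conf")
        results["lenient_missing"] = load_lenient(missing)
        results["precheck_missing"] = precheck(missing)
        try:
            results["strict_missing"] = load_strict(missing)
        except OSError as e:
            results["strict_missing"] = type(e).__name__
        newline_name = os.path.join(tmp, "\n")  # a valid filename on unix
        with open(newline_name, "w") as fp:
            fp.write("[options]\nkey = value\n")
        results["precheck_newline"] = precheck(newline_name)
        results["strict_newline"] = load_strict(newline_name)
    return results
```

Calling demo() shows the missing file producing an empty parser with no error under read(), a FileNotFoundError under the strict loader, and the file named "\n" loading normally under both checks.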
