gbranden pushed a commit to branch master
in repository groff.
commit 271b4ecefed1d9918d458db091187197d77de3d7
Author: G. Branden Robinson <[email protected]>
AuthorDate: Tue Oct 7 12:32:52 2025 -0500
[pic]: Enable "locking" safer mode (2/3).
* src/preproc/pic/main.cpp (main): New Boolean `is_safer_mode_locked`
indicates whether the `-S` command-line option has been seen. Accept
new `-S` option. If encountered, unset `want_unsafe_mode` Boolean
and set `is_safer_mode_locked`. When encountering `-U` option, throw
diagnostic and ignore it if `is_safer_mode_locked` is set.
* src/prepic/pic/pic.1.man (Options): Document it.
Illustration:
$ echo | ./build/pic > /dev/null
$ echo | ./build/pic -S > /dev/null
$ echo | ./build/pic -U -S > /dev/null
$ echo | ./build/pic -S -U > /dev/null
./build/pic: error: ignoring '-U' option; '-S' already specified
---
ChangeLog | 13 +++++++++++++
src/preproc/pic/main.cpp | 7 ++++++-
src/preproc/pic/pic.1.man | 18 ++++++++++++------
3 files changed, 31 insertions(+), 7 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b8138862f..168b9fbba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2025-10-07 G. Branden Robinson <[email protected]>
+
+ [pic]: Enable "locking" safer mode (2/3).
+
+ * src/preproc/pic/main.cpp (main): New Boolean
+ `is_safer_mode_locked` indicates whether the `-S` command-line
+ option has been seen. Accept new `-S` option. If encountered,
+ unset `want_unsafe_mode` Boolean and set `is_safer_mode_locked`.
+ When encountering `-U` option, throw diagnostic and ignore it if
+ `is_safer_mode_locked` is set.
+
+ * src/prepic/pic/pic.1.man (Options): Document it.
+
2025-10-07 G. Branden Robinson <[email protected]>
[troff]: Enable "locking" safer mode.
diff --git a/src/preproc/pic/main.cpp b/src/preproc/pic/main.cpp
index add3f18f2..94e1616ac 100644
--- a/src/preproc/pic/main.cpp
+++ b/src/preproc/pic/main.cpp
@@ -546,6 +546,7 @@ int main(int argc, char **argv)
static char stderr_buf[BUFSIZ];
setbuf(stderr, stderr_buf);
int opt;
+ bool is_safer_mode_locked = false;
#ifdef TEX_SUPPORT
int tex_flag = 0;
int tpic_flag = 0;
@@ -570,9 +571,13 @@ int main(int argc, char **argv)
break;
case 'S':
want_unsafe_mode = false;
+ is_safer_mode_locked = true;
break;
case 'U':
- want_unsafe_mode = true;
+ if (is_safer_mode_locked)
+ error("ignoring '-U' option; '-S' already specified");
+ else
+ want_unsafe_mode = true;
break;
case 'f':
#ifdef FIG_SUPPORT
diff --git a/src/preproc/pic/pic.1.man b/src/preproc/pic/pic.1.man
index 97157079f..e2d80d333 100644
--- a/src/preproc/pic/pic.1.man
+++ b/src/preproc/pic/pic.1.man
@@ -281,14 +281,20 @@ mode.
.
.TP
.B \-S
-Operate in
-.I safer mode;
+Enable safer mode and ignore any subsequent
+.B \-U
+option.
+.
+In
+.I "safer mode,"
+.I @g@pic
+ignores
.B sh
-commands are ignored.
+commands,
+which can be useful when operating on untrustworthy input.
.
-This mode,
-enabled by default,
-can be useful when operating on untrustworthy input.
+.I @g@pic
+operates in safer mode by default.
.
.
.TP
_______________________________________________
groff-commit mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/groff-commit
