This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU M4 source repository".
http://git.sv.gnu.org/gitweb/?p=m4.git;a=commitdiff;h=4f1f438e49632dbd5c5061d8992498acea8cf4b3 The branch, master has been updated via 4f1f438e49632dbd5c5061d8992498acea8cf4b3 (commit) via 74f73804d6c375516ad834a9db980afea286fa4c (commit) from 9123df1a730177cdfcd9cbbe17c5275c9473bccf (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4f1f438e49632dbd5c5061d8992498acea8cf4b3 Author: Eric Blake <[EMAIL PROTECTED]> Date: Wed Feb 6 12:01:29 2008 -0700 Fix security hole introduced 2007-11-23. * m4/utility.c (m4_verror_at_line): Properly escape macro names. * src/main.c (main): Manage quoteargs defaults. * doc/m4.texinfo (Indir): Document and test this. Signed-off-by: Eric Blake <[EMAIL PROTECTED]> commit 74f73804d6c375516ad834a9db980afea286fa4c Author: Eric Blake <[EMAIL PROTECTED]> Date: Wed Feb 6 11:17:29 2008 -0700 Using raw strtod is not portable. * ltdl/m4/gnulib-cache.m4: Import the strtod module. Signed-off-by: Eric Blake <[EMAIL PROTECTED]> ----------------------------------------------------------------------- Summary of changes: ChangeLog | 10 ++++++++++ doc/m4.texinfo | 14 ++++++++++++++ ltdl/m4/gnulib-cache.m4 | 4 ++-- m4/utility.c | 24 ++++++++++++++++++++++-- src/main.c | 6 +++++- 5 files changed, 53 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8ee5d0f..5341313 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,13 @@ +2008-02-06 Eric Blake <[EMAIL PROTECTED]> + + Fix security hole introduced 2007-11-23. + * m4/utility.c (m4_verror_at_line): Properly escape macro names. + * src/main.c (main): Manage quoteargs defaults. + * doc/m4.texinfo (Indir): Document and test this. + + Using raw strtod is not portable. + * ltdl/m4/gnulib-cache.m4: Import the strtod module. + 2008-02-02 Eric Blake <[EMAIL PROTECTED]> Consistently use size_t for number of arguments. diff --git a/doc/m4.texinfo b/doc/m4.texinfo index 9e9dd46..642c14e 100644 --- a/doc/m4.texinfo +++ b/doc/m4.texinfo @@ -2607,6 +2607,20 @@ indir(`divert', defn(`foo')) @result{} @end example +Warning messages issued on behalf of an indirect macro use an +unambiguous representation of the macro name, using escape sequences +similar to C strings, and with colons also quoted. + [EMAIL PROTECTED] +define(`%%:\ +odd', defn(`divnum')) [EMAIL PROTECTED] +indir(`%%:\ +odd', `extra') [EMAIL PROTECTED]:stdin:3: Warning: %%\:\\\nodd: extra arguments ignored: 1 > 0 [EMAIL PROTECTED] [EMAIL PROTECTED] example + @node Builtin @section Indirect call of builtins diff --git a/ltdl/m4/gnulib-cache.m4 b/ltdl/m4/gnulib-cache.m4 index 3d01c5f..4a08efb 100644 --- a/ltdl/m4/gnulib-cache.m4 +++ b/ltdl/m4/gnulib-cache.m4 
@@ -15,11 +15,11 @@ # Specification in the form of a command-line invocation: -# gnulib-tool --import --dir=. --local-dir=local --lib=libgnu --source-base=gnu --m4-base=ltdl/m4 --doc-base=doc --aux-dir=build-aux --with-tests --libtool --macro-prefix=M4 assert autobuild avltree-oset binary-io clean-temp cloexec close-stream closein config-h configmake dirname error exit fdl fflush filenamecat flexmember fopen-safer free fseeko gendocs gettext gnupload gpl-3.0 intprops memmem mkstemp obstack progname quote regex regexprops-generic sprintf-posix stdbool stdlib-safer strnlen strtol tempname unlocked-io vasnprintf-posix verror xalloc xalloc-die xprintf-posix xstrndup xvasprintf-posix +# gnulib-tool --import --dir=. --local-dir=local --lib=libgnu --source-base=gnu --m4-base=ltdl/m4 --doc-base=doc --aux-dir=build-aux --with-tests --libtool --macro-prefix=M4 assert autobuild avltree-oset binary-io clean-temp cloexec close-stream closein config-h configmake dirname error exit fdl fflush filenamecat flexmember fopen-safer free fseeko gendocs gettext gnupload gpl-3.0 intprops memmem mkstemp obstack progname quote regex regexprops-generic sprintf-posix stdbool stdlib-safer strnlen strtod strtol tempname unlocked-io vasnprintf-posix verror xalloc xalloc-die xprintf-posix xstrndup xvasprintf-posix # Specification in the form of a few gnulib-tool.m4 macro invocations: gl_LOCAL_DIR([local]) -gl_MODULES([assert autobuild avltree-oset binary-io clean-temp cloexec close-stream closein config-h configmake dirname error exit fdl fflush filenamecat flexmember fopen-safer free fseeko gendocs gettext gnupload gpl-3.0 intprops memmem mkstemp obstack progname quote regex regexprops-generic sprintf-posix stdbool stdlib-safer strnlen strtol tempname unlocked-io vasnprintf-posix verror xalloc xalloc-die xprintf-posix xstrndup xvasprintf-posix]) +gl_MODULES([assert autobuild avltree-oset binary-io clean-temp cloexec close-stream closein config-h configmake dirname error exit fdl fflush 
filenamecat flexmember fopen-safer free fseeko gendocs gettext gnupload gpl-3.0 intprops memmem mkstemp obstack progname quote regex regexprops-generic sprintf-posix stdbool stdlib-safer strnlen strtod strtol tempname unlocked-io vasnprintf-posix verror xalloc xalloc-die xprintf-posix xstrndup xvasprintf-posix]) gl_AVOID([]) gl_SOURCE_BASE([gnu]) gl_M4_BASE([ltdl/m4]) diff --git a/m4/utility.c b/m4/utility.c index 69349fe..60b7644 100644 --- a/m4/utility.c +++ b/m4/utility.c @@ -24,6 +24,7 @@ #include "exitfail.h" #include "progname.h" +#include "quotearg.h" #include "verror.h" #include "xvasprintf.h" @@ -154,18 +155,37 @@ m4_verror_at_line (m4 *context, bool warn, int status, int errnum, const char *format, va_list args) { char *full = NULL; + char *safe_macro = NULL; + + /* Sanitize MACRO, sinze we are turning around and using it in a + format string. The allocation is overly conservative, but + problematic macro names only occur via indir or changesyntax. */ + if (macro && strchr (macro, '%')) + { + char *p = safe_macro = xcharalloc (2 * strlen (macro) + 1); + do + { + if (*macro == '%') + *p++ = '%'; + *p++ = *macro++; + } + while (*macro); + } /* Prepend warning and the macro name, as needed. But if that fails for non-memory reasons (unlikely), then still use the original format. */ if (warn && macro) - full = xasprintf (_("Warning: %s: %s"), macro, format); + full = xasprintf (_("Warning: %s: %s"), + quotearg (safe_macro ? safe_macro : macro), format); else if (warn) full = xasprintf (_("Warning: %s"), format); else if (macro) - full = xasprintf (_("%s: %s"), macro, format); + full = xasprintf (_("%s: %s"), + quotearg (safe_macro ? safe_macro : macro), format); verror_at_line (status, errnum, line ? file : NULL, line, full ? full : format, args); free (full); + free (safe_macro); if ((!warn || m4_get_fatal_warnings_opt (context)) && !m4_get_exit_status (context)) m4_set_exit_status (context, EXIT_FAILURE); 
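Review bot: The `%`-doubling loop added to m4_verror_at_line never terminates `safe_macro`: `do { … *p++ = *macro++; } while (*macro);` stops at the end of `macro` without copying the NUL, and the buffer comes from `xcharalloc`, which presumably does not zero memory. `quotearg (safe_macro ? safe_macro : macro)` would then read past the copied name, and any stray `%` in those bytes lands in the format string passed to `verror_at_line`, which is the condition this commit sets out to remove. Add `*p = '\0';` immediately after the loop, inside the `if` block. The comment above the loop also misspells "since" as `sinze`. The function's signature starts before this hunk and its closing brace lies after it.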
diff --git a/src/main.c b/src/main.c index 48d99d2..e36c826 100644 --- a/src/main.c +++ b/src/main.c @@ -1,7 +1,7 @@ /* GNU m4 -- A simple macro processor Copyright (C) 1989, 1990, 1991, 1992, 1993, 1994, 1999, 2000, 2003, - 2004, 2005, 2006, 2007 Free Software Foundation, Inc. + 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of GNU M4. @@ -29,6 +29,7 @@ #include "closein.h" #include "configmake.h" #include "getopt.h" +#include "quotearg.h" #include "version-etc.h" #include "xstrtol.h" @@ -363,6 +364,8 @@ main (int argc, char *const *argv, char *const *envp) m4_set_posixly_correct_opt (context, true); m4_set_suppress_warnings_opt (context, true); } + set_quoting_style (NULL, escape_quoting_style); + set_char_quoting (NULL, ':', 1); /* First, we decode the arguments, to size up tables and stuff. Avoid lasting side effects; for example 'm4 --debugfile=oops @@ -789,6 +792,7 @@ main (int argc, char *const *argv, char *const *envp) m4_delete (context); m4_hash_exit (); + quotearg_free (); #ifdef USE_STACKOVF stackovf_exit (); hooks/post-receive -- GNU M4 source repository
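Review bot: The two calls added to main at `@@ -363,6 +364,8 @@` change the process-wide quotearg defaults, and the escaping that m4_verror_at_line in m4/utility.c now relies on exists only because of them, yet neither site says so. A program that uses the library without going through this main() would, as far as the diff shows, get quotearg's default style, leaving control characters and colons in macro names unescaped in diagnostics. I would add a comment above the calls such as `/* m4_verror_at_line relies on these defaults to escape macro names in diagnostics. */`, or have the library function select the quoting style itself so the fix does not depend on the front end. main's body begins and ends outside the hunk.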
