Re: Enabling compiler warning flags

2012-12-20 Thread Jeffrey Walton
On Tue, Dec 18, 2012 at 12:28 AM, David A. Wheeler dwhee...@dwheeler.com wrote: Jim Meyering said: Did you realize that several GNU projects now enable virtually every gcc warning that is available (even including those that are new in the upcoming gcc-4.8, for folks that use bleeding edge

Re: Enabling compiler warning flags

2012-12-20 Thread Bob Friesenhahn
On Thu, 20 Dec 2012, Jeffrey Walton wrote: If a project does not observe proper preprocessor macros for a configuration, a project could fall victim to runtime assertions and actually DoS itself after the assert calls abort(). The ISC's DNS The falling victim to runtime assertions is the same

Re: Enabling compiler warning flags

2012-12-20 Thread Russ Allbery
Jeffrey Walton noloa...@gmail.com writes: If a project does not observe proper preprocessor macros for a configuration, a project could fall victim to runtime assertions and actually DoS itself after the assert calls abort(). The ISC's DNS server comes to mind (confer: there are CVE's

Re: Enabling compiler warning flags

2012-12-20 Thread Jeffrey Walton
Hi Russ, On Thu, Dec 20, 2012 at 3:49 PM, Russ Allbery r...@stanford.edu wrote: Jeffrey Walton noloa...@gmail.com writes: If a project does not observe proper preprocessor macros for a configuration, a project could fall victim to runtime assertions and actually DoS itself after the assert

Re: Enabling compiler warning flags

2012-12-20 Thread Bob Friesenhahn
On Thu, 20 Dec 2012, Jeffrey Walton wrote: The falling victim to runtime assertions is the same as falling victim to a bug. It is not necessarily true that removing the assertion is better than suffering from the unhandled bug. Once again this is a program/situation-specific issue. Well, I

Re: Enabling compiler warning flags

2012-12-20 Thread Paul Eggert
On 12/20/2012 01:32 PM, Jeffrey Walton wrote: Posix asserts are useless during development under a debugger because the eventually lead to SIGTERM. A much better approach in practice is to SIGTRAP. I didn't follow all that message, but this part doesn't appear to be correct. In POSIX, when

alloca patch

2012-12-20 Thread Patrick Welche
Having seen the message that a release might be imminent, I had a look at the patches for autoconf in http://ftp.netbsd.org/pub/pkgsrc/current/pkgsrc/devel/autoconf/patches so the attached might want to go in... Cheers, Patrick From ffc83effa49340314d71ff266d94b512e1f00e3a Mon Sep 17 00:00:00

Re: alloca patch

2012-12-20 Thread Eric Blake
On 12/20/2012 02:51 AM, Patrick Welche wrote: Having seen the message that a release might be imminent, I had a look at the patches for autoconf in http://ftp.netbsd.org/pub/pkgsrc/current/pkgsrc/devel/autoconf/patches so the attached might want to go in... +++

Re: alloca patch

2012-12-20 Thread Patrick Welche
On Thu, Dec 20, 2012 at 08:31:43AM -0700, Eric Blake wrote: Or maybe the problem is that our test for ac_cv_func_alloca_works doesn't match the documentation, since it is only doing: Indeed - the version in the documentation wouldn't need the patch... I'll just check this... Cheers, Patrick