diff options
| author | Colin Watson <cjwatson@debian.org> | 2012-09-17 22:29:41 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2012-09-17 22:29:41 +0100 |
| commit | bd95b62bb153b1c67441ac2d4229ff2489bada1b (patch) | |
| tree | c73d9101d9a5224720a30a259b9d24148f464ab6 /gnulib/lib | |
| parent | eadb01cb04ab2dd050a352a110263cb29cc3ddf2 (diff) | |
Backport Gnulib commit 66712c23388e93e5c518ebc8515140fa0c807348 to
stop assuming gets.
* gnulib/gets.patch: New file.
* autogen.sh: Apply gnulib/gets.patch.
* NEWS: Document this.
Diffstat (limited to 'gnulib/lib')
| -rw-r--r-- | gnulib/lib/Makefile.in | 1 | ||||
| -rw-r--r-- | gnulib/lib/stdio.in.h | 25 |
2 files changed, 7 insertions, 19 deletions
diff --git a/gnulib/lib/Makefile.in b/gnulib/lib/Makefile.in index 8a7855ee..8244246d 100644 --- a/gnulib/lib/Makefile.in +++ b/gnulib/lib/Makefile.in @@ -470,7 +470,6 @@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ -GNULIB_GETS = @GNULIB_GETS@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ diff --git a/gnulib/lib/stdio.in.h b/gnulib/lib/stdio.in.h index 9dc7c4a6..4d3f0bb7 100644 --- a/gnulib/lib/stdio.in.h +++ b/gnulib/lib/stdio.in.h @@ -698,22 +698,11 @@ _GL_WARN_ON_USE (getline, "getline is unportable - " # endif #endif -#if @GNULIB_GETS@ -# if @REPLACE_STDIO_READ_FUNCS@ && @GNULIB_STDIO_H_NONBLOCKING@ -# if !(defined __cplusplus && defined GNULIB_NAMESPACE) -# undef gets -# define gets rpl_gets -# endif -_GL_FUNCDECL_RPL (gets, char *, (char *s) _GL_ARG_NONNULL ((1))); -_GL_CXXALIAS_RPL (gets, char *, (char *s)); -# else -_GL_CXXALIAS_SYS (gets, char *, (char *s)); -# undef gets -# endif -_GL_CXXALIASWARN (gets); /* It is very rare that the developer ever has full control of stdin, - so any use of gets warrants an unconditional warning. Assume it is - always declared, since it is required by C89. */ + so any use of gets warrants an unconditional warning; besides, C11 + removed it. */ +#undef gets +#if HAVE_RAW_DECL_GETS _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); #endif @@ -1053,9 +1042,9 @@ _GL_WARN_ON_USE (snprintf, "snprintf is unportable - " # endif #endif -/* Some people would argue that sprintf should be handled like gets - (for example, OpenBSD issues a link warning for both functions), - since both can cause security holes due to buffer overruns. +/* Some people would argue that all sprintf uses should be warned about + (for example, OpenBSD issues a link warning for it), + since it can cause security holes due to buffer overruns. However, we believe that sprintf can be used safely, and is more efficient than snprintf in those safe cases; and as proof of our belief, we use sprintf in several gnulib modules. So this header |