From 56b85e035b77e48e7ec241b54da3f9c9d19e77d5 Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Thu, 5 Nov 2009 16:48:09 -0700 Subject: [PATCH] build: consistently use freopen-safer cat, head, ptx, shuf, tac, tail, tee, tr, and uniq used freopen on stdout, and were potentially vulnerable. dircolors, du, and tsort only used it on stdin, which is unaffected by freopen_safer, but this covers all uses for consistency. * cfg.mk (sc_require_stdio_safer): New rule. * gl/modules/xfreopen (Depends-on): Add freopen-safer. * gl/lib/xfreopen.c (includes): Use stdio--.h. * src/ptx.c (includes): Likewise. * src/shuf.c (includes): Likewise. * src/uniq.c (includes): Likewise. * src/dircolors.c (includes): Likewise. * src/du.c (includes): Likewise. * src/tsort.c (includes): Likewise.
---
 cfg.mk | 12 ++++++++++++ gl/lib/xfreopen.c | 1 + gl/modules/xfreopen | 1 + src/dircolors.c | 2 +- src/du.c | 2 +- src/ptx.c | 2 +- src/shuf.c | 2 +- src/tsort.c | 2 +- src/uniq.c | 2 +- 9 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index 27349d038..03c3fcec9 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -237,4 +237,16 @@ sc_prohibit_fail_0:
 msg='fail=0 initialization' \
 $(_prohibit_regexp)
+# Ensure that "stdio--.h" is used where appropriate.
+sc_require_stdio_safer:
+ @if $(VC_LIST_EXCEPT) | grep -l '\.[ch]$$' > /dev/null; then \
+ files=$$(grep -l '\bfreopen \?(' $$($(VC_LIST_EXCEPT) \
+ | grep '\.[ch]$$')); \
+ test -n "$$files" && grep -LE 'include "stdio--.h"' $$files \
+ | grep . && \
+ { echo '$(ME): the above files should use "stdio--.h"' \
+ 1>&2; exit 1; } || :; \
+ else :; \
+ fi
+
 include $(srcdir)/dist-check.mk
diff --git a/gl/lib/xfreopen.c b/gl/lib/xfreopen.c
index 61091694b..32e68fa35 100644
--- a/gl/lib/xfreopen.c
+++ b/gl/lib/xfreopen.c
@@ -21,6 +21,7 @@
 #include "error.h"
 #include "exitfail.h"
 #include "quote.h"
+#include "stdio--.h"
 #include "gettext.h"
 #define _(msgid) gettext (msgid)
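Review bot: In the cfg.mk hunk, the second grep of `sc_require_stdio_safer`, `grep -LE 'include "stdio--.h"'`, is an unanchored text match. A file therefore passes if the string appears only in a comment or a disabled block, and the unescaped `.` matches any character. For a lint that guards a security-relevant include, anchoring it to a directive is tighter: `grep -LE '^#[[:space:]]*include "stdio--\.h"' $$files`. The check is also purely textual, so it cannot tell whether the build enables the freopen-safer module that the header presumably relies on to redirect `freopen`. A comment above the rule such as `# Textual check only; the freopen-safer module must also be part of the build.` would make that limit explicit.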
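Review bot: The added `#include "stdio--.h"` in gl/lib/xfreopen.c has no comment explaining that it is there for safety rather than for ordinary declarations. Judging by the commit message, it is what routes this wrapper's `freopen` call to the safer variant for the programs that go through xfreopen. In an alphabetized list of quoted headers it reads like any other include, so a trailing comment such as `/* for freopen_safer; do not replace with <stdio.h> */` would keep a later include cleanup from silently dropping the protection. The function that calls `freopen` lies outside the hunk, so the redirection is inferred from the commit message and the module dependency, not from visible code.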
diff --git a/gl/modules/xfreopen b/gl/modules/xfreopen
index 411f80bbd..ed4ede75a 100644
--- a/gl/modules/xfreopen
+++ b/gl/modules/xfreopen
@@ -8,6 +8,7 @@ lib/xfreopen.h
 Depends-on:
 error
 exitfail
+freopen-safer
 quote
 configure.ac:
diff --git a/src/dircolors.c b/src/dircolors.c
index f28487ea3..54139ba37 100644
--- a/src/dircolors.c
+++ b/src/dircolors.c
@@ -19,7 +19,6 @@
 #include
 #include
-#include
 #include "system.h"
 #include "dircolors.h"
@@ -27,6 +26,7 @@
 #include "error.h"
 #include "obstack.h"
 #include "quote.h"
+#include "stdio--.h"
 #include "xstrndup.h"
 /* The official name of this program (e.g., no `g' prefix). */
diff --git a/src/du.c b/src/du.c
index bee006d04..61a9c43c4 100644
--- a/src/du.c
+++ b/src/du.c
@@ -24,7 +24,6 @@
 Rewritten to use nftw, then to use fts by Jim Meyering. */
 #include
-#include
 #include
 #include
 #include
@@ -40,6 +39,7 @@
 #include "quotearg.h"
 #include "same.h"
 #include "stat-time.h"
+#include "stdio--.h"
 #include "xfts.h"
 #include "xstrtol.h"
diff --git a/src/ptx.c b/src/ptx.c
index 4947a0f91..701fcb33f 100644
--- a/src/ptx.c
+++ b/src/ptx.c
@@ -19,7 +19,6 @@
 #include
-#include
 #include
 #include
 #include "system.h"
@@ -29,6 +28,7 @@
 #include "quote.h"
 #include "quotearg.h"
 #include "regex.h"
+#include "stdio--.h"
 #include "xstrtol.h"
 /* The official name of this program (e.g., no `g' prefix). */
diff --git a/src/shuf.c b/src/shuf.c
index 0bb11abc1..71411a437 100644
--- a/src/shuf.c
+++ b/src/shuf.c
@@ -19,7 +19,6 @@
 #include
-#include
 #include
 #include "system.h"
@@ -29,6 +28,7 @@
 #include "quotearg.h"
 #include "randint.h"
 #include "randperm.h"
+#include "stdio--.h"
 #include "xstrtol.h"
 /* The official name of this program (e.g., no `g' prefix). */
diff --git a/src/tsort.c b/src/tsort.c
index 09067f267..cc6807a1e 100644
--- a/src/tsort.c
+++ b/src/tsort.c
@@ -22,7 +22,6 @@
 #include
-#include
 #include
 #include
 #include
@@ -32,6 +31,7 @@
 #include "error.h"
 #include "quote.h"
 #include "readtokens.h"
+#include "stdio--.h"
 /* The official name of this program (e.g., no `g' prefix). */
 #define PROGRAM_NAME "tsort"
diff --git a/src/uniq.c b/src/uniq.c
index 7509bfce9..ac7ecac53 100644
--- a/src/uniq.c
+++ b/src/uniq.c
@@ -18,7 +18,6 @@
 #include
-#include
 #include
 #include
@@ -29,6 +28,7 @@
 #include "hard-locale.h"
 #include "posixver.h"
 #include "quote.h"
+#include "stdio--.h"
 #include "xmemcoll.h"
 #include "xstrtol.h"
 #include "memcasecmp.h"