| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
The idea is to defend against some adversary-in-the-middle attacks.
Also prefer git.savannah.gnu.org over its shorter alias, git.sv.gnu.org
to avoid a warning e.g., from git clone.
Also, drop any final ".git" suffix on the resulting URIs.
Inspired by Paul Eggert's nearly identical changes to coreutils.
|
|
|
|
|
|
|
|
|
|
|
| |
* basicdefs.h: Do not include alloca.h.
* bootstrap.conf (gnulib_modules): Remove alloca, stdalign,
c-ctype, closeout, mbrlen, verify.
Add version-etc.
* lib/.gitignore, m4/.gitignore: Omit now-unused files.
* po/POTFILES.in: Remove closeout.c.
* testsuite/test-mbrtowc.c: Do not include closeout.h.
(main): Close stdout by hand, to avoid a dependency on closeout.
|
|
|
|
|
|
|
|
| |
* sed/local.mk (sed_sed_LDADD): Update for current Gnulib
by using $(CLOCK_LIB__GETTIME), $(GETRANDOM_LIB),
$(HARD_LOCALE_LIB), $(MBRTOWC_LIB), $(SETLOCALE_NULL_LIB)
instead of $(LIB_CLOCK_GETTIME), $(LIB_GETRANDOM),
$(LIB_HARD_LOCALE, $(LIB_MBRTOWC), $(LIB_SETLOCALE_NULL).
|
| |
|
|
|
|
| |
* bootstrap: Sync from gnulib.
|
|
|
|
| |
* README-hacking: Sync from coreutils.
|
|
|
|
|
|
| |
* sed/sed.h (lcmd_out_line_len): Declare intmax_t, not idx_t.
Problem reported by Bruno Haible in:
https://lists.gnu.org/r/sed-devel/2023-01/msg00001.html
|
| |
|
|
|
|
|
|
|
|
|
| |
v4.9-14-g3d75b4a changed the diagnostic, but did not update
the occurrences of the diagnostic in expected test outputs.
* testsuite/compile-errors.sh: Accommodate changed diagnostic.
* testsuite/mb-y-translate.sh: Likewise.
* testsuite/normalize-text.sh: Likewise.
Reported by Bruno Haible in https://bugs.gnu.org/61159
|
|
|
|
|
| |
* sed/local.mk (sed_sed_LDADD): Add $(QCOPY_ACL_LIB).
Reported in https://lists.gnu.org/r/sed-devel/2023-01/msg00001.html
|
|
|
|
| |
* lib/.gitignore, m4/.gitignore: Also reflect regenerated .gitignore files.
|
|
|
|
|
| |
* sed/compile.c (compile_program): Improve diagnostic wording
that also happens to shorten the line so it's length is < 80.
|
|
|
|
| |
* sed/execute.c (alloc): Indent with spaces, not TABs.
|
| |
|
| |
|
|
|
|
|
| |
* testsuite/execute-tests.sh: Add some tests with
enormous integers.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix some some longstanding but unlikely integer overflows.
Internally, 'sed' now more often prefers signed integer arithmetic,
which can be checked automatically via 'gcc -fsanitize=undefined'.
* basicdefs.h (countT): Remove. All uses replaced
with a more-specific signed type, e.g., idx_t.
Similarly, change uses of types like size_t to
signed types like idx_t when appropriate.
(REALLOC): Remove; no longer used. We now use xpalloc
because that detects integer overflow in size calculations.
Also, we no longer use XCALLOC since the code never relies
on the storage being zero, and leaving it uninitialized is
more likely to catch errors when debugging implementations
are used. We use XNMALLOC instead, or xpalloc.
* bootstrap.conf (gnulib_modules): Add stdckdint, strtoimax.
* lib/.gitignore, m4/.gitignore: Update for new Gnulib modules.
* sed/compile.c: Include stdckdint.h.
(VECTOR_ALLOC_INCREMENT): Remove; no longer used.
(in_integer): Return maximal value if integer overflow.
All callers changed to expect this.
(next_cmd_entry): Use xpalloc instead of reallocating by hand,
which might suffer integer overflow.
(normalize_text): Don’t rely on system-defined conversion
of out-of-range size_t to int.
(next_cmd_entry): Arg is now pointer, not pointer-to-pointer.
All uses changed.
* sed/debug.c (debug_print_function): Don’t attempt to
fwrite a null pointer with a zero size.
* sed/execute.c: Include <stdckdint.h>, "minmax.h".
(resize_line): LEN arg is now increment, not total length,
to avoid overflow when calculating total length.
All uses changed. Do not assume lb->alloc * 2 cannot overflow.
(resize_line, line_copy): Use xpalloc instead of doing realloc by
hand, which might suffer integer overflow.
(str_append_modified): Do not add n to to->length until
after it's known this cannot overflow.
(read_file_line): Don’t assume ssize_t fits in long.
(get_backup_file_name): Don’t assume string length fits in int.
Do not assume PTR-1+1 works; behavior is undefined if PTR
is at buffer start. Check for integer overflow in buffer
size calculation.
(read_pattern_space): Check for line number overflow.
(match_address_p): Check for address overflow.
(debug_print_line): Omit unnecessary test for in->active being null.
(execute_program): Check for Q overflow.
* sed/regexp.c: Include <stdckdint.h>.
(match_regex): Don’t assume TYPE_MAXIMUM (regoff_t) == INT_MAX.
* sed/sed.c: Include inttypes.h, for strtoimax.
(main): Use strtoimax, not atoi.
* sed/utils.c (init_buffer): Use xmalloc and xpalloc
instead of guessing sizes ourselves, and unnecessarily
initializing.
(resize_buffer): Remove; all callers changed to use xpalloc.
(free_buffer): Don’t call free (NULL), since we already
test whether the pointer is null.
|
|
|
|
|
|
| |
* sed/debug.c: Do not include assert.h.
(debug_print_function): Use plain abort () rather than assert (0).
This is simpler and just as useful.
|
|
|
|
|
|
| |
* bootstrap.conf (gnulib_modules): Add mempcpy.
* sed/utils.c (ck_mkstemp): Use mempcpy instead of sprintf,
which doesn’t work with strings longer than INT_MAX.
|
|
|
|
|
|
|
|
| |
* sed/execute.c (do_list): Simplify by doing octal escapes
by hand (!) instead of having sprintf do it. This makes it
easier for compilers and humans see that buffer overflow
is impossible. And it’s quite a bit faster if the input
consists mostly of odd control bytes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* basicdefs.h, sed/regexp.c (N_): Remove; no longer used.
* bootstrap.conf (XGETTEXT_OPTIONS):
Treat bad_prog as a function that translates its first arg.
Omit unnecessary flags.
* sed/compile.c, sed/regexp.c (errors): Remove this array of
concatenated strings, and associated macros. All users of these
macros now simply call bad_prog ("diagnostic") instead of bad_prog
(_(DIAGNOSTIC_MACRO)). This is easier to read and maintain, and
made it easy to catch two diagnostics that were never properly
translated before: "cannot specify modifiers on empty regexp",
"missing filename in r/R/w/W commands".
* sed/compile.c (bad_command): Remove; no longer used.
(vbad_prog): New function, with most of the old bad_prog contents.
(bad_prog): Now variadic, like printf. Always translate WHY.
All callers changed.
(bad_prog_notranslate): New function.
|
|
|
|
|
| |
* sed/local.mk (sed_sed_LDADD): Append all the libraries
that ’bootstrap’ says should be included.
|
|
|
|
|
|
|
|
|
| |
Problem reported by Hauke Mehrtens.
* sed/utils.c (follow_symlink): Fix typo when checking size of
second and later symlink, when that symlink is so large that it
does not fit into the buffer. Although the bug is not a buffer
overflow, it does cause sed to mishandle the symlink.
* testsuite/follow-symlinks.sh: Test for the bug.
|
| |
|
|
|
|
|
|
| |
* NEWS: Add header line for next release.
* .prev-version: Record previous version.
* cfg.mk (old_NEWS_hash): Auto-update.
|
|
|
|
| |
* NEWS: Record release date.
|
| |
|
|
|
|
|
| |
* testsuite/inplace-selinux.sh: Avoid unportable "grep -q".
Instead, just redirect to /dev/null.
|
|
|
|
|
| |
* testsuite/misc.pl: Add a test to exercise the preceding change.
* NEWS (Changes in behavior): Mention it.
|
|
|
|
|
|
|
|
| |
Print the less-surprising variant in a corner case of POSIX-unspecified
behavior. Before, this would print "n". Now, it prints "X":
printf n | sed 'sn\nnXn'; echo
* sed/compile.c (match_slash): Remove special handling of 'n'.
Reported in https://bugs.gnu.org/40242
|
| |
|
|
|
|
|
| |
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Correct typo
in recent change: s/am_/AM_/
|
| |
|
|
|
|
|
|
| |
* Makefile.am (am_DISTCHECK_CONFIGURE_FLAGS): Change
DISTCHECK_CONFIGURE_FLAGS to
am_DISTCHECK_CONFIGURE_FLAGS.
|
|
|
|
| |
* lib/.gitignore: Add /assert.h and /stdckdint.h
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also support building on systems without perl and when cross-compiling.
* configure.ac (AC_ARG_ENABLE [bold-man-page-references]): New
configure-time option, using code copied from coreutils.
(BUILD_MAN_PAGE, BUILD_DUMMY_MAN_PAGE): Remove definitions.
(HAVE_PERL): Remove bogus conditional.
* doc/dummy-man: New file, from coreutils, with slight adapation.
* build-aux/help2man: Update from coreutils.
* doc/local.mk (EXTRA_DIST): Distribute dummy-man.
(run_help2man): New variable.
(doc/sed.1): Use it rather than simply invoking help2man.
Simplify to use only one copy of this rule, now that run_help2man
works both with and without perl and when cross-compiling.
Move the --name=... string argument into...
* doc/sed.x: ... here. Also make the "Synopsis" appear in generated file.
In https://lists.gnu.org/r/sed-devel/2022-10/msg00005.html,
Bruno Haible reported build failure with perl in a different
location and (in another report) another failure with no perl at all.
|
|
|
|
|
|
| |
* .mailmap: Building THANKS would fail due to thanks-gen finding
two different email addresses for Mike Frysinger. Map the older
one to the newer one.
|
| |
|
|
|
|
|
|
|
| |
* testsuite/local.mk (TESTS_ENVIRONMENT): Remove the erroneous ";"
that effectively elided all following var=val pairs from the test
environment. Report and patch from http://bugs.gnu.org/57831
Bug introduced via v4.2.2-100-gb250bd4.
|
|
|
|
|
|
|
|
| |
* THANKS.in: Put J.T. before Jakub again, as apparently
that’s how it’s done in Fedora 36 which is bleeding edge.
* cfg.mk (sc_THANKS_in_sorted): Update for Fedora 36 sort.
(sc_gitignore_missing): The lib files to ignore are now
in lib/.gitignore, not .gitignore.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bootstrap.conf (gnulib_modules):
Add eloop-threshold, idx, minmax, readlink.
* configure.ac: Do not check for lstat; no longer needed.
(ENABLE_FOLLOW_SYMLINKS): Remove; all uses removed.
(TEST_SYMLINKS): Depend only on readlink.
* sed/utils.c: Include eloop-threshold.h, idx.h, minmax.h.
(SSIZE_IDX_MAX): New macro.
(follow_symlink): Rewrite to not loop when given a symlink cycle.
Do not use lstat, since readlink suffices. Use just one memory
buffer, not two; this simplifies memory management.
* testsuite/follow-symlinks.sh: Adjust diagnostics to
to match revised behavior. Test for symlink loops.
|
| |
|
|
|
|
| |
* cfg.mk (FILTER_LONG_LINES): Also exempt doc/fdl.texi.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Without this fix, the code would sometimes use FP after calling
fclose (FP), which has undefined behavior in C.
Problem found with --enable-gcc-warnings and GCC 12.
* sed/execute.c (open_next_file): Do not register here,
as it’s too late and this can cause the file to not
be cleaned up.
* sed/sed.c (G_file_to_unlink, register_cleanup_file, cancel_cleanup):
Move from here to utils.c.
(cleanup): Call remove_cleanup_file instead of doing it by hand.
* sed/utils.c (struct open_file): Remove member temp
(which was always false) and fclose_failed (which was
not enough to prevent calling fclose with a bad pointer).
All uses changed.
(register_open_file): Do not access p->fp after it’s fclosed,
as that has undefined behavior in C.
Use xmalloc instead of xcalloc, since we initialize all members.
(G_file_to_unlink, register_cleanup_file, cancel_cleanup):
Move from utils.c to here.
(remove_cleanup_file): New function.
(ck_mkstemp): Fix a screwup when mkostemp succeeded but
set_binary_mode or fdopen failed: we might misuse a null pointer,
or forget to clean up the newly-created temp file.
(ck_getdelim): Rename local to avoid confusion with global.
(mark_as_fclose_failed): Remove. All uses removed.
(ck_fclose): Remove entry from open_files before attempting
to fclose it, so that panicking doesn’t try to fclose it again.
(do_ck_fclose): New arg NAME so that there’s no need to
call mark_as_fclose_failed, which inspected FP after fclosing
it, which is undefined behavior.
(ck_rename): Omit arg UNLINK_IF_FAIL. All callers changed.
The cleanup handler removes this file now, as needed.
|
| |
|
| |
|
| |
|
|
|
|
| |
This is as per current Gnulib recommendations.
|
| |
|
| |
|