1 From 5de88fad8cc214f07082445c6bb7b83091d664e4 Mon Sep 17 00:00:00 2001
2 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
3 Date: Thu, 2 Aug 2012 17:40:55 +0200
4 Subject: [PATCH] Fix building with glibc-2.16.6
6 Ported to sharutils-4.11.1 from gnulib commit:
8 From 66712c23388e93e5c518ebc8515140fa0c807348 Mon Sep 17 00:00:00 2001
9 From: Eric Blake <eblake@redhat.com>
10 Date: Thu, 29 Mar 2012 13:30:41 -0600
11 Subject: [PATCH] stdio: don't assume gets any more
13 Gnulib intentionally does not have a gets module, and now that C11
14 and glibc have dropped it, we should be more proactive about warning
15 any user on a platform that still has a declaration of this dangerous
18 lib/stdio.in.h | 12 +++++++-----
19 m4/stdio_h.m4 | 4 ++--
20 m4/warn-on-use.m4 | 4 ++--
21 3 files changed, 11 insertions(+), 9 deletions(-)
23 diff --git a/lib/stdio.in.h b/lib/stdio.in.h
24 index 57e93ba..6ab9c8b 100644
27 @@ -176,10 +176,12 @@ _GL_WARN_ON_USE (fflush, "fflush is not always POSIX compliant - "
30 /* It is very rare that the developer ever has full control of stdin,
31 - so any use of gets warrants an unconditional warning. Assume it is
32 - always declared, since it is required by C89. */
33 + so any use of gets warrants an unconditional warning; besides, C11
36 +#if HAVE_RAW_DECL_GETS
37 _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
42 @@ -902,9 +904,9 @@ _GL_WARN_ON_USE (snprintf, "snprintf is unportable - "
46 -/* Some people would argue that sprintf should be handled like gets
47 - (for example, OpenBSD issues a link warning for both functions),
48 - since both can cause security holes due to buffer overruns.
49 +/* Some people would argue that all sprintf uses should be warned about
50 + (for example, OpenBSD issues a link warning for it),
51 + since it can cause security holes due to buffer overruns.
52 However, we believe that sprintf can be used safely, and is more
53 efficient than snprintf in those safe cases; and as proof of our
54 belief, we use sprintf in several gnulib modules. So this header
55 diff --git a/m4/stdio_h.m4 b/m4/stdio_h.m4
56 index 7f3ae56..990c616 100644
59 @@ -34,9 +34,9 @@ AC_DEFUN([gl_STDIO_H],
61 dnl Check for declarations of anything we want to poison if the
62 dnl corresponding gnulib module is not in use, and which is not
63 - dnl guaranteed by C89.
64 + dnl guaranteed by both C89 and C11.
65 gl_WARN_ON_USE_PREPARE([[#include <stdio.h>
66 - ]], [dprintf fpurge fseeko ftello getdelim getline popen renameat
67 + ]], [dprintf fpurge fseeko ftello getdelim getline gets popen renameat
68 snprintf tmpfile vdprintf vsnprintf])
71 diff --git a/m4/warn-on-use.m4 b/m4/warn-on-use.m4
72 index e0d0f27..4b07efb 100644
73 --- a/m4/warn-on-use.m4
74 +++ b/m4/warn-on-use.m4
75 @@ -18,8 +18,8 @@ dnl with or without modifications, as long as this notice is preserved.
76 # some systems declare functions in the wrong header, then INCLUDES
79 -# If you assume C89, then it is generally safe to assume declarations
80 -# for functions declared in that standard (such as gets) without
81 +# It is generally safe to assume declarations for functions declared
82 +# in the intersection of C89 and C11 (such as printf) without
83 # needing gl_WARN_ON_USE_PREPARE.
84 AC_DEFUN([gl_WARN_ON_USE_PREPARE],