Subject: CVS commit: src/gnu/dist/gcc/gcc
To: None <source-changes@NetBSD.org>
From: Jim Wise <jwise@netbsd.org>
List: source-changes
Date: 11/30/2004 01:51:13
Module Name: src
Committed By: jwise
Date: Tue Nov 30 01:51:13 UTC 2004
Modified Files:
src/gnu/dist/gcc/gcc: cppfiles.c
src/gnu/dist/gcc/gcc/doc: cpp.1 cpp.info cppenv.texi
Log Message:
As discussed on tech-toolchain@netbsd.org, make cpp refuse to attempt to
parse a #include'd file which does not pass S_ISREG() if the environment variable
CPP_RESTRICTED is set.
This is primarily intended for use by programs such as calendar(1) which
use cpp to parse untrusted user files -- without this change (and the corresponding
change to calendar(1)), any user can cause a denial-of-service for the daily
calendar -a run by #include'ing a named pipe.
Many thanks to christos@netbsd for his help in polishing this.
To generate a diff of this commit:
cvs rdiff -r1.1.1.1 -r1.2 src/gnu/dist/gcc/gcc/cppfiles.c
cvs rdiff -r1.4 -r1.5 src/gnu/dist/gcc/gcc/doc/cpp.1
cvs rdiff -r1.1.1.2 -r1.2 src/gnu/dist/gcc/gcc/doc/cpp.info
cvs rdiff -r1.1.1.1 -r1.2 src/gnu/dist/gcc/gcc/doc/cppenv.texi
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.