tech-toolchain: CPP

Subject: CPP_RESTRICTED
To: None <tech-toolchain@netbsd.org>
From: Jason Thorpe <thorpej@shagadelic.org>
List: tech-toolchain
Date: 11/29/2004 18:37:04
--Apple-Mail-27-1068456491
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; format=flowed

Please get this merged into the GCC mainline.  Hopefully you have an 
FSF copyright assignment on-file.

Begin forwarded message:

> From: Jim Wise <jwise@netbsd.org>
> Date: November 29, 2004 5:51:13 PM PST
> To: source-changes@NetBSD.org
> Subject: CVS commit: src/gnu/dist/gcc/gcc
> Reply-To: jwise@netbsd.org
>
>
> Module Name:	src
> Committed By:	jwise
> Date:		Tue Nov 30 01:51:13 UTC 2004
>
> Modified Files:
> 	src/gnu/dist/gcc/gcc: cppfiles.c
> 	src/gnu/dist/gcc/gcc/doc: cpp.1 cpp.info cppenv.texi
>
> Log Message:
> As discussed on tech-toolchain@netbsd.org, make cpp refuse to attempt 
> to
> parse a #include'd file which does not pass S_ISREG() if the 
> environment variable
> CPP_RESTRICTED is set.
>
> This is primarily intended for use by programs such as calendar(1) 
> which
> use cpp to parse untrusted user files -- without this change (and the 
> corresponding
> change to calendar(1)), any user can cause a denial-of-service for the 
> daily
> calendar -a run by #include'ing a named pipe.
>
> Many thanks to christos@netbsd for his help in polishing this.
>
>
> To generate a diff of this commit:
> cvs rdiff -r1.1.1.1 -r1.2 src/gnu/dist/gcc/gcc/cppfiles.c
> cvs rdiff -r1.4 -r1.5 src/gnu/dist/gcc/gcc/doc/cpp.1
> cvs rdiff -r1.1.1.2 -r1.2 src/gnu/dist/gcc/gcc/doc/cpp.info
> cvs rdiff -r1.1.1.1 -r1.2 src/gnu/dist/gcc/gcc/doc/cppenv.texi
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
         -- Jason R. Thorpe <thorpej@shagadelic.org>


--Apple-Mail-27-1068456491
content-type: application/pgp-signature; x-mac-type=70674453;
	name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)

iD8DBQFBq9zUOpVKkaBm8XkRAug9AKCazb7fe6afhBwHdiiO8FWOD4EpVwCg14JM
L0iJ745XRYkE0nfr6tXKte0=
=lbSw
-----END PGP SIGNATURE-----

--Apple-Mail-27-1068456491--