[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: use of AC_TRY_EVAL broken
From: |
Paolo Bonzini |
Subject: |
Re: use of AC_TRY_EVAL broken |
Date: |
Thu, 23 Oct 2008 17:44:11 +0200 |
User-agent: |
Thunderbird 2.0.0.17 (Macintosh/20080914) |
Eric Blake wrote:
> The following gnulib files use an undocumented autoconf macro AC_TRY_EVAL,
> which is buggy because it does not prevent against shell glob expansion
> and could end up invoking arbitrary commands according to the contents of
> the current directory. We need to switch these over to using documented
> commands, particularly since I'm thinking of removing AC_TRY_EVAL from the
> next version of autoconf because of its security risks.
>
> locale-fr.m4
> locale-tr.m4
> locale-zh.m4
> printf.m4
What's wrong with changing the definition to
_AC_DO_STDERR($[]$1) && {
test -z "$ac_[]_AC_LANG_ABBREV[]_werror_flag" ||
test ! -s conftest.err }
and deprecating it?
Most uses I ever saw in the wild were AC_TRY_EVAL([ac_compile]) and
AC_TRY_EVAL([ac_link]); there are some more weird ones, but we could
make AC_TRY_EVAL fail if the argument includes a space.
Paolo