From fc4b142bfd889e4c1b7157a7691836eeed344f7f Mon Sep 17 00:00:00 2001 From: Felix Winkelmann Date: Fri, 3 Mar 2023 00:07:19 +0100 Subject: [PATCH] Added option to csc to disable runtime option processing --- NEWS | 2 ++ chicken.h | 9 +++++++++ csc.mdoc | 4 ++++ csc.scm | 9 +++++++-- library.scm | 3 ++- manual/Using the compiler | 7 +++++++ runtime.c | 3 +++ 7 files changed, 34 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 23661fc2..1e29004b 100644 --- a/NEWS +++ b/NEWS @@ -33,6 +33,8 @@ - chicken-install now accepts the -location command line option (short: -l) to specify local directories where to get egg sources from. + - csc accepts the -disable-runtime-options flag now to disable + all processing of runtime options for compiled programs. - Compiler - When emitting types files, the output list is now sorted, to ensure diff --git a/chicken.h b/chicken.h index 9d15ab74..fa6a5ce9 100644 --- a/chicken.h +++ b/chicken.h @@ -1564,6 +1564,12 @@ typedef void (C_ccall *C_proc)(C_word, C_word *) C_noret; # define C_set_gui_mode #endif +#ifdef C_DISABLE_RUNTIME_OPTIONS +# define C_set_runtime_options C_runtime_options = 0 +#else +# define C_set_runtime_options +#endif + /** * SEARCH_EXE_PATH is defined on platforms on which we must search for * the current executable. Because this search is sensitive to things @@ -1588,6 +1594,7 @@ typedef void (C_ccall *C_proc)(C_word, C_word *) C_noret; C_gui_mode = 1; \ C_set_main_exe(argv[0]); \ C_private_repository(); \ + C_set_runtime_options; \ return CHICKEN_main(0, NULL, (void *)C_toplevel); \ } # else @@ -1597,6 +1604,7 @@ typedef void (C_ccall *C_proc)(C_word, C_word *) C_noret; C_set_gui_mode; \ C_set_main_exe(argv[0]); \ C_private_repository(); \ + C_set_runtime_options; \ return CHICKEN_main(argc, argv, (void*)C_toplevel); \ } # endif 
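Review bot: In the `#ifdef C_DISABLE_RUNTIME_OPTIONS` block, `C_set_runtime_options` expands to a bare assignment in one branch and to nothing in the other, so it only works as a statement when the caller supplies the `;`. Wrapping both forms makes it statement-safe: `# define C_set_runtime_options do { C_runtime_options = 0; } while(0)` and `# define C_set_runtime_options do {} while(0)`. A one-line comment above the block, such as `/* csc -disable-runtime-options: switch off "-:" option parsing before CHICKEN_main runs */`, would tell readers where the symbol comes from. The neighbouring `C_set_gui_mode` has the same shape, so this is a style point rather than a defect in the new code.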
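Review bot: The flag is cleared only inside the `main()` that this macro generates, in both the GUI and the plain variant, so it takes effect only if the translation unit expanding the entry-point macro is compiled with `-DC_DISABLE_RUNTIME_OPTIONS`. A program built with `-embedded` (which per the csc usage text does not generate `main()`), or one whose main unit is compiled without the flag, would presumably keep `C_runtime_options` at its default of 1 and still honour `-:` arguments. The documentation in this patch names only libraries as unaffected. For the privileged programs the manual recommends this option for, that silent fallback matters; consider stating it in csc.mdoc and the manual, and having the `-disable-runtime-options` clause in csc.scm warn when it is combined with `-embedded`. The macro body starts outside this hunk.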
@@ -1696,6 +1704,7 @@ C_varextern C_TLS jmp_buf C_restart; C_varextern C_TLS void *C_restart_address; C_varextern C_TLS int C_entry_point_status; C_varextern C_TLS int C_gui_mode; +C_varextern C_TLS int C_runtime_options; C_varextern C_TLS int C_enable_repl; C_varextern C_TLS void *C_restart_trampoline; diff --git a/csc.mdoc b/csc.mdoc index a930a3f9..c5ad06db 100644 --- a/csc.mdoc +++ b/csc.mdoc @@ -232,6 +232,10 @@ Compile as embedded .Pc . .It Fl gui Compile as GUI application. +.It Fl disable-runtime-options +Disable any handling of "-:..." runtime command line options +for executables. When compiling libraries, this option has +no effect. .It Fl link Ar NAME Link extension with compiled executable .Po implies Sq Fl uses diff --git a/csc.scm b/csc.scm index 1fe896b7..8ab8960f 100644 --- a/csc.scm +++ b/csc.scm @@ -431,7 +431,7 @@ Usage: #{csc} [OPTION ...] [FILENAME ...] -clustering combine groups of local procedures into dispatch loop -lfa2 perform additional lightweight flow-analysis pass - -unroll-limit LIMIT specifies inlining limit for self-recursive calls + -unroll-limit LIMIT specifies inlining limit for self-recursive calls Configuration options: @@ -449,7 +449,10 @@ Usage: #{csc} [OPTION ...] [FILENAME ...] -e -embedded compile as embedded (don't generate `main()') - -gui compile as GUI application + -gui compile as GUI application + -disable-runtime-options disable any handling of "-:..." runtime command + line options for programs (ineffective for + libraries) -link NAME link extension with compiled executable (implies -uses) -R -require-extension NAME require extension and import in compiled @@ -707,6 +710,8 @@ EOF (set! link-options (cons* "-lkernel32" "-luser32" "-lgdi32" "-mwindows" link-options)))] + ((-disable-runtime-options) + (set! compile-options (cons "-DC_DISABLE_RUNTIME_OPTIONS" compile-options))) ((-deployed) (set! deployed #t)) [(-framework) diff --git a/library.scm b/library.scm index 9fc663e0..7079ac72 100644 --- a/library.scm 
+++ b/library.scm @@ -6032,7 +6032,8 @@ static C_word C_fcall C_setenv(C_word x, C_word y) { (define command-line-arguments (make-parameter (let ([args (argv)]) - (if (pair? args) + (if (and (pair? args) + (not (zero? (foreign-value "C_runtime_options" int)))) (let loop ([args (##sys#slot args 1)]) (if (null? args) '() diff --git a/manual/Using the compiler b/manual/Using the compiler index 51cd9ffc..bd2b6936 100644 --- a/manual/Using the compiler +++ b/manual/Using the compiler @@ -225,6 +225,13 @@ compiler itself) accept a small set of runtime options. These are filtered out by the startup code and will not be contained in the result of {{(command-line-arguments)}}. +The processing of runtime options can also be completely disabled +by compiling a program with the {{csc}} option {{-disable-runtime-options}}. +In this case, options of the form {{-:...}} are ignored and are +not removed from the arguments returned by {{command-line-arguments}}. +It is recommended to compile security-sensitive programs with this +option if they execute with high privileges. + ; {{-:?}} : Shows a list of the available runtime options and exits the program. ; {{-:aNUMBER}} : Specifies the length of the buffer for recording a trace of the last invoked procedures. Defaults to 16. diff --git a/runtime.c b/runtime.c index 76f0e12c..38245752 100644 --- a/runtime.c +++ b/runtime.c @@ -336,6 +336,7 @@ C_TLS C_word (*C_debugger_hook)(C_DEBUG_INFO *cell, C_word c, C_word *av, C_char C_TLS int C_gui_mode = 0, + C_runtime_options = 1, C_abort_on_thread_exceptions, C_enable_repl, C_interrupts_enabled, @@ -1349,6 +1350,8 @@ void CHICKEN_parse_command_line(int argc, char *argv[], C_word *heap, C_word *st *stack = DEFAULT_STACK_SIZE; *symbols = DEFAULT_SYMBOL_TABLE_SIZE; + if(!C_runtime_options) return; + for(i = 1; i < C_main_argc; ++i) if(!strncmp(C_main_argv[ i ], C_text("-:"), 2)) { for(ptr = &C_main_argv[ i ][ 2 ]; *ptr != '\0';) { -- 2.33.0
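Review bot: Folding the `C_runtime_options` test into the outer `if` sends the disabled case to that `if`'s alternative, which previously only handled an `argv` that is not a pair; the alternative lies outside this hunk, so this needs checking against the full definition. The consequent starts its loop at `(##sys#slot args 1)`, which drops the first element of `argv`, so if the alternative returns `args` unchanged, a program built with `-disable-runtime-options` would see the program name as the first element of `(command-line-arguments)`. Keeping `(if (pair? args)` as it was and choosing inside the consequent avoids that: `(if (zero? (foreign-value "C_runtime_options" int)) (##sys#slot args 1) (let loop ...))`. A short comment saying that the loop is what strips `-:` arguments would make the reason for the bypass clear.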
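Review bot: The new early return in `CHICKEN_parse_command_line` has no comment, and it is the line a security review of a privileged binary will look for. Something like `/* -disable-runtime-options: ignore all "-:" arguments and keep the defaults assigned above */` above `if(!C_runtime_options) return;` would record the intent. The comment should also say that the check must stay ahead of the `-:` scanning loop, since any option parsing placed before it would still run with the option disabled. The function begins and continues outside this hunk, so whether other defaults are assigned earlier cannot be seen here.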