[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: use of AC_TRY_EVAL broken

From: Paolo Bonzini
Subject: Re: use of AC_TRY_EVAL broken
Date: Thu, 23 Oct 2008 17:44:11 +0200
User-agent: Thunderbird (Macintosh/20080914)

Eric Blake wrote:
> The following gnulib files use an undocumented autoconf macro AC_TRY_EVAL,
> which is buggy because it does not prevent against shell glob expansion
> and could end up invoking arbitrary commands according to the contents of
> the current directory.  We need to switch these over to using documented
> commands, particularly since I'm thinking of removing AC_TRY_EVAL from the
> next version of autoconf because of its security risks.
> locale-fr.m4
> locale-tr.m4
> locale-zh.m4
> printf.m4

What's wrong with changing the definition to

_AC_DO_STDERR($[]$1) && {
         test -z "$ac_[]_AC_LANG_ABBREV[]_werror_flag" ||
         test ! -s conftest.err }

and deprecating it?

Most uses I ever saw in the wild were AC_TRY_EVAL([ac_compile]) and
AC_TRY_EVAL([ac_link]); there are some more weird ones, but we could
make AC_TRY_EVAL fail if the argument includes a space.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]