* doc/sed.texi (multiple sed commands): Mention that e, r, R, w and W
are like the a, c and i commands, in that one cannot terminate such
commands with a semicolon.
* bootstrap.conf: Gnulib's stdckdint and stdbool modules are
deprecated, in favor of stdckdint-h and bool.
Induce this change with the following:
perl -pi -e 's{^stdckdint$}{$1-h};s{^stdbool$}{bool}' bootstrap.conf
And sort the resulting list of module names.
* sed/sed.c: Spell as <getopt.h> and hoist it to be with other system
header includes. Also, use "", not <> for "selinux/selinux.h".
* testsuite/test-mbrtowc.c: Same, for <error.h>.
* sed/utils.c (ck_rename): When diagnosting rename failure,
also mention the target file name.
* testsuite/in-place-suffix-backup.sh: Adjust test expectations
to match.
Reported by Sebastian Carlos in https://bugs.gnu.org/63833
Following Pádraig Brady's example from coreutils, ...
* bootstrap.conf: Add an explicit requirement on m4.
Add an explicit requirement on texi2pdf -- often packaged separately
rather than with makeinfo -- its absence would otherwise induce a
failure late in the build process.
Replace the rsync dependency with wget,
which gnulib changed to in 2018.
Also, add an xz requirement and a version for autopoint.
The idea is to defend against some adversary-in-the-middle attacks.
Also prefer git.savannah.gnu.org over its shorter alias, git.sv.gnu.org
to avoid a warning e.g., from git clone.
Also, drop any final ".git" suffix on the resulting URIs.
Inspired by Paul Eggert's nearly identical changes to coreutils.
* basicdefs.h: Do not include alloca.h.
* bootstrap.conf (gnulib_modules): Remove alloca, stdalign,
c-ctype, closeout, mbrlen, verify.
Add version-etc.
* lib/.gitignore, m4/.gitignore: Omit now-unused files.
* po/POTFILES.in: Remove closeout.c.
* testsuite/test-mbrtowc.c: Do not include closeout.h.
(main): Close stdout by hand, to avoid a dependency on closeout.
* sed/local.mk (sed_sed_LDADD): Update for current Gnulib
by using $(CLOCK_LIB__GETTIME), $(GETRANDOM_LIB),
$(HARD_LOCALE_LIB), $(MBRTOWC_LIB), $(SETLOCALE_NULL_LIB)
instead of $(LIB_CLOCK_GETTIME), $(LIB_GETRANDOM),
$(LIB_HARD_LOCALE, $(LIB_MBRTOWC), $(LIB_SETLOCALE_NULL).
v4.9-14-g3d75b4a changed the diagnostic, but did not update
the occurrences of the diagnostic in expected test outputs.
* testsuite/compile-errors.sh: Accommodate changed diagnostic.
* testsuite/mb-y-translate.sh: Likewise.
* testsuite/normalize-text.sh: Likewise.
Reported by Bruno Haible in https://bugs.gnu.org/61159
Fix some some longstanding but unlikely integer overflows.
Internally, 'sed' now more often prefers signed integer arithmetic,
which can be checked automatically via 'gcc -fsanitize=undefined'.
* basicdefs.h (countT): Remove. All uses replaced
with a more-specific signed type, e.g., idx_t.
Similarly, change uses of types like size_t to
signed types like idx_t when appropriate.
(REALLOC): Remove; no longer used. We now use xpalloc
because that detects integer overflow in size calculations.
Also, we no longer use XCALLOC since the code never relies
on the storage being zero, and leaving it uninitialized is
more likely to catch errors when debugging implementations
are used. We use XNMALLOC instead, or xpalloc.
* bootstrap.conf (gnulib_modules): Add stdckdint, strtoimax.
* lib/.gitignore, m4/.gitignore: Update for new Gnulib modules.
* sed/compile.c: Include stdckdint.h.
(VECTOR_ALLOC_INCREMENT): Remove; no longer used.
(in_integer): Return maximal value if integer overflow.
All callers changed to expect this.
(next_cmd_entry): Use xpalloc instead of reallocating by hand,
which might suffer integer overflow.
(normalize_text): Don’t rely on system-defined conversion
of out-of-range size_t to int.
(next_cmd_entry): Arg is now pointer, not pointer-to-pointer.
All uses changed.
* sed/debug.c (debug_print_function): Don’t attempt to
fwrite a null pointer with a zero size.
* sed/execute.c: Include <stdckdint.h>, "minmax.h".
(resize_line): LEN arg is now increment, not total length,
to avoid overflow when calculating total length.
All uses changed. Do not assume lb->alloc * 2 cannot overflow.
(resize_line, line_copy): Use xpalloc instead of doing realloc by
hand, which might suffer integer overflow.
(str_append_modified): Do not add n to to->length until
after it's known this cannot overflow.
(read_file_line): Don’t assume ssize_t fits in long.
(get_backup_file_name): Don’t assume string length fits in int.
Do not assume PTR-1+1 works; behavior is undefined if PTR
is at buffer start. Check for integer overflow in buffer
size calculation.
(read_pattern_space): Check for line number overflow.
(match_address_p): Check for address overflow.
(debug_print_line): Omit unnecessary test for in->active being null.
(execute_program): Check for Q overflow.
* sed/regexp.c: Include <stdckdint.h>.
(match_regex): Don’t assume TYPE_MAXIMUM (regoff_t) == INT_MAX.
* sed/sed.c: Include inttypes.h, for strtoimax.
(main): Use strtoimax, not atoi.
* sed/utils.c (init_buffer): Use xmalloc and xpalloc
instead of guessing sizes ourselves, and unnecessarily
initializing.
(resize_buffer): Remove; all callers changed to use xpalloc.
(free_buffer): Don’t call free (NULL), since we already
test whether the pointer is null.
* bootstrap.conf (gnulib_modules): Add mempcpy.
* sed/utils.c (ck_mkstemp): Use mempcpy instead of sprintf,
which doesn’t work with strings longer than INT_MAX.
* sed/execute.c (do_list): Simplify by doing octal escapes
by hand (!) instead of having sprintf do it. This makes it
easier for compilers and humans see that buffer overflow
is impossible. And it’s quite a bit faster if the input
consists mostly of odd control bytes.
