aboutsummaryrefslogtreecommitdiff
path: root/conform
diff options
context:
space:
mode:
authorAurelien Jarno <aurelien@aurel32.net>2016-09-05 22:53:22 +0200
committerAurelien Jarno <aurelien@aurel32.net>2016-09-05 22:53:22 +0200
commit6d5336211d2e823d4d431a01e62a80d9be4cbc9d (patch)
treef88714118815a95a2552e8b3b385bfe36cc5b878 /conform
parentead3cea7d8948113fe205243acbddbda609de5c9 (diff)
downloadglibc-6d5336211d2e823d4d431a01e62a80d9be4cbc9d.tar
glibc-6d5336211d2e823d4d431a01e62a80d9be4cbc9d.tar.gz
glibc-6d5336211d2e823d4d431a01e62a80d9be4cbc9d.tar.bz2
glibc-6d5336211d2e823d4d431a01e62a80d9be4cbc9d.zip
conform tests: call perl with '-I.'
Historically perl includes the current directory in the module search path. Over the time this has been considered as a security issue and the recent vulnerabilities [1] made people to reconsider this behaviour. It is almost sure that this will be removed in the future [2], possibly for the 5.26 release, although this is not yet firmly decided. Debian has decided to backport the patches [3], so the perl binary in unstable do not have '.' in @INC anymore. This behaviour is used in the conform perl scripts to include the GlibcConform module. This patch fixes that by calling perl with '-I.'. This is not a security issue in this case as make ensures that the current directory is $(srcdir)/conform/ when the scripts are called. Passing the full path would do exactly the same. [1] CVE-2016-1238 CVE-2016-6185 [2] https://rt.perl.org/Public/Bug/Display.html?id=127810 [3] https://lists.debian.org/debian-devel-announce/2016/08/msg00013.html Changelog: * conform/Makefile (conformtest-header-tests): Pass -I. to $(PERL). (linknamespace-symlists-tests): Likewise. (linknamespace-header-tests): Likewise.
Diffstat (limited to 'conform')
-rw-r--r--conform/Makefile6
1 files changed, 3 insertions, 3 deletions
diff --git a/conform/Makefile b/conform/Makefile
index 32a0937b06..b92a7d4f6e 100644
--- a/conform/Makefile
+++ b/conform/Makefile
@@ -196,13 +196,13 @@ $(conformtest-header-tests): $(objpfx)%/conform.out: \
conformtest.pl $(conformtest-headers-data)
(set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \
mkdir -p $(@D)/scratch; \
- $(PERL) conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \
+ $(PERL) -I. conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \
--flags='$(conformtest-cc-flags)' --standard=$$std \
--headers=$$hdr > $@); \
$(evaluate-test)
$(linknamespace-symlists-tests): $(objpfx)symlist-%: list-header-symbols.pl
- $(PERL) -w $< --tmpdir=$(objpfx) --cc='$(CC)' \
+ $(PERL) -I. -w $< --tmpdir=$(objpfx) --cc='$(CC)' \
--flags='$(conformtest-cc-flags)' --standard=$* \
--headers="$(strip $(conformtest-headers-$*))" \
> $@ 2> $@.err; \
@@ -232,7 +232,7 @@ $(linknamespace-header-tests): $(objpfx)%/linknamespace.out: \
$(linknamespace-symlist-stdlibs-tests)
(set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \
mkdir -p $(@D)/scratch; \
- $(PERL) -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \
+ $(PERL) -I. -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \
--flags='$(conformtest-cc-flags)' --standard=$$std \
--stdsyms=$(objpfx)symlist-$$std --header=$$hdr \
--libsyms=$(objpfx)symlist-stdlibs-$$std \