From af2c15151507c31ad95b488c82c53a1ecd5e45e0 Mon Sep 17 00:00:00 2001 From: Jan Kratochvil Date: Sun, 6 May 2012 15:31:04 +0000 Subject: [PATCH] gdb/ * auto-load.c (set_auto_load_safe_path): Reset AUTO_LOAD_SAFE_PATH back to DEFAULT_AUTO_LOAD_SAFE_PATH if it is being set to "". (show_auto_load_safe_path): Check any-directory by comparison with "/". (add_auto_load_safe_path): Change the error message. (_initialize_auto_load): Change the "safe-path" help text. * configure: Regenerate * configure.ac (--without-auto-load-safe-path): Set WITH_AUTO_LOAD_SAFE_PATH to /. gdb/doc/ * gdb.texinfo (Auto-loading safe path): Make 'directories' for 'set auto-load safe-path' optional. Mention if it is omitted. Change disabling security protection condition to "/", twice. --- gdb/ChangeLog | 11 +++++++++++ gdb/auto-load.c | 19 ++++++++++++++----- gdb/configure | 2 +- gdb/configure.ac | 2 +- gdb/doc/ChangeLog | 6 ++++++ gdb/doc/gdb.texinfo | 9 ++++++--- 6 files changed, 39 insertions(+), 10 deletions(-) diff --git a/gdb/ChangeLog b/gdb/ChangeLog index 4542e84f7b..480fd0da75 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,14 @@ +2012-05-06 Jan Kratochvil + + * auto-load.c (set_auto_load_safe_path): Reset AUTO_LOAD_SAFE_PATH + back to DEFAULT_AUTO_LOAD_SAFE_PATH if it is being set to "". + (show_auto_load_safe_path): Check any-directory by comparison with "/". + (add_auto_load_safe_path): Change the error message. + (_initialize_auto_load): Change the "safe-path" help text. + * configure: Regenerate + * configure.ac (--without-auto-load-safe-path): Set + WITH_AUTO_LOAD_SAFE_PATH to /. + 2012-05-05 Sergio Durigan Junior * stap-probe.h: Do not include unecessary `probe.h'. diff --git a/gdb/auto-load.c b/gdb/auto-load.c index 187e8520f9..9d4d0bcb9c 100644 --- a/gdb/auto-load.c +++ b/gdb/auto-load.c @@ -181,6 +181,12 @@ auto_load_safe_path_vec_update (void) static void set_auto_load_safe_path (char *args, int from_tty, struct cmd_list_element *c) { + if (auto_load_safe_path[0] == '\0') + { + xfree (auto_load_safe_path); + auto_load_safe_path = xstrdup (DEFAULT_AUTO_LOAD_SAFE_PATH); + } + auto_load_safe_path_vec_update (); } @@ -190,7 +196,7 @@ static void show_auto_load_safe_path (struct ui_file *file, int from_tty, struct cmd_list_element *c, const char *value) { - if (*value == 0) + if (strcmp (value, "/") == 0) fprintf_filtered (file, _("Auto-load files are safe to load from any " "directory.\n")); else @@ -209,8 +215,9 @@ add_auto_load_safe_path (char *args, int from_tty) if (args == NULL || *args == 0) error (_("\ -Adding empty directory element disables the auto-load safe-path security. \ -Use 'set auto-load safe-path' instead if you mean that.")); +Directory argument required.\n\ +Use 'set auto-load safe-path /' for disabling the auto-load safe-path security.\ +")); s = xstrprintf ("%s%c%s", auto_load_safe_path, DIRNAME_SEPARATOR, args); xfree (auto_load_safe_path); @@ -1029,8 +1036,10 @@ Set the list of directories from which it is safe to auto-load files."), _("\ Show the list of directories from which it is safe to auto-load files."), _("\ Various files loaded automatically for the 'set auto-load ...' options must\n\ be located in one of the directories listed by this option. Warning will be\n\ -printed and file will not be used otherwise. Use empty string (or even\n\ -empty directory entry) to allow any file for the 'set auto-load ...' options.\n\ +printed and file will not be used otherwise.\n\ +Setting this parameter to an empty list resets it to its default value.\n\ +Setting this parameter to '/' (without the quotes) allows any file\n\ +for the 'set auto-load ...' options.\n\ This option is ignored for the kinds of files having 'set auto-load ... off'.\n\ This options has security implications for untrusted inferiors."), set_auto_load_safe_path, diff --git a/gdb/configure b/gdb/configure index 12260dea3b..c1775b7cf2 100755 --- a/gdb/configure +++ b/gdb/configure @@ -4964,7 +4964,7 @@ $as_echo_n "checking for default auto-load safe-path... " >&6; } # Check whether --with-auto-load-safe-path was given. if test "${with_auto_load_safe_path+set}" = set; then : withval=$with_auto_load_safe_path; if test "$with_auto_load_safe_path" = "no"; then - with_auto_load_safe_path="" + with_auto_load_safe_path="/" fi else with_auto_load_safe_path="$prefix" diff --git a/gdb/configure.ac b/gdb/configure.ac index b45c57d720..ce7515b195 100644 --- a/gdb/configure.ac +++ b/gdb/configure.ac @@ -141,7 +141,7 @@ AC_ARG_WITH(auto-load-safe-path, AS_HELP_STRING([--with-auto-load-safe-path=PATH], [directories safe to hold auto-loaded files]) AS_HELP_STRING([--without-auto-load-safe-path], [do not restrict auto-loaded files locations]), [if test "$with_auto_load_safe_path" = "no"; then - with_auto_load_safe_path="" + with_auto_load_safe_path="/" fi], [with_auto_load_safe_path="$prefix"]) AC_DEFINE_DIR(DEFAULT_AUTO_LOAD_SAFE_PATH, with_auto_load_safe_path, diff --git a/gdb/doc/ChangeLog b/gdb/doc/ChangeLog index 8dd273c061..f6de7f61cf 100644 --- a/gdb/doc/ChangeLog +++ b/gdb/doc/ChangeLog @@ -1,3 +1,9 @@ +2012-05-06 Jan Kratochvil + + * gdb.texinfo (Auto-loading safe path): Make 'directories' + for 'set auto-load safe-path' optional. Mention if it is omitted. + Change disabling security protection condition to "/", twice. + 2012-05-03 Siva Chandra Reddy * gdb.texinfo (Symbol Tables In Python): Add documentation about diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo index 014b39b9d7..ad9edaca89 100644 --- a/gdb/doc/gdb.texinfo +++ b/gdb/doc/gdb.texinfo @@ -21219,9 +21219,12 @@ The list of trusted directories is controlled by the following commands: @table @code @anchor{set auto-load safe-path} @kindex set auto-load safe-path -@item set auto-load safe-path @var{directories} +@item set auto-load safe-path @r{[}@var{directories}@r{]} Set the list of directories (and their subdirectories) trusted for automatic loading and execution of scripts. You can also enter a specific trusted file. +If you omit @var{directories}, @samp{auto-load safe-path} will be reset to +its default value as specified during @value{GDBN} compilation. + The list of directories uses directory separator (@samp{:} on GNU and Unix systems, @samp{;} on MS-Windows and MS-DOS) to separate directories, similarly to the @env{PATH} environment variable. @@ -21240,7 +21243,7 @@ loading and execution of scripts. Multiple entries may be delimited by the host platform directory separator in use. @end table -Setting this variable to an empty string disables this security protection. +Setting this variable to @file{/} disables this security protection. This variable is supposed to be set to the system directories writable by the system superuser only. Users can add their source directories in init files in their home directories (@pxref{Home Directory Init File}). See also deprecated @@ -21260,7 +21263,7 @@ by @samp{show auto-load safe-path} (such as @samp{/usr:/bin} in this example). Specify this directory as in the previous case but just for a single @value{GDBN} session. -@item @kbd{gdb -iex "set auto-load safe-path" @dots{}} +@item @kbd{gdb -iex "set auto-load safe-path /" @dots{}} Disable auto-loading safety for a single @value{GDBN} session. This assumes all the files you debug during this @value{GDBN} session will come from trusted sources. -- 2.34.1