On Mon, Apr 16, 2001 at 12:28:27PM -0300, Carlos E Gorges wrote:
> This patch fixes two format bugs found in m4-1.4

I believe several distribution vendors included a similar patch after
this issue was on Bugtraq.

Is m4 maintained? 1.4 is very old (1994).

* Tue Feb 06 2001 Michail Litvak <mciowl.openwall.com>
- Fixed format bug in error
- added __attribute__ ((format(...))) for error

(Our patch attached, for the __attribute__)

There's another potential issue with m4 (or, more correctly, with the
documentation which suggests bad practices):

File: m4.info, Node: Maketemp, Prev: Sysval, Up: UNIX commands

Making names for temporary files
================================

   Commands specified to `syscmd' or `esyscmd' might need a temporary
file, for output or for some other purpose. There is a builtin macro,
`maketemp', for making temporary file names:

     maketemp(TEMPLATE)

which expands to a name of a non-existent file, made from the string
TEMPLATE, which should end with the string `XXXXXX'. The six `X''s are
then replaced, usually with something that includes the process id of
the `m4' process, in order to make the filename unique.

     maketemp(`/tmp/fooXXXXXX')
     =>/tmp/fooa07346

-- 
/sd

• text/plain attachment: m4-1.4-owl-format.diff

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]