This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
[patch] auto-load safe-path reset back by set ""
- From: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- To: gdb-patches at sourceware dot org
- Cc: Doug Evans <dje at google dot com>
- Date: Sun, 22 Apr 2012 18:51:28 +0200
- Subject: [patch] auto-load safe-path reset back by set ""
Hi,
from off-list discussion with Doug I have realized the current GDB practice
is that "set var" will reset it to the factory defaults:
(gdb) set libthread-db-search-path a
(gdb) show libthread-db-search-path
The current search path or libthread_db is "a".
(gdb) set libthread-db-search-path
(gdb) show libthread-db-search-path
The current search path or libthread_db is "$sdir:$pdir".
A similar behavior can be seen for the "directory" command.
Doug's complaint was that "set auto-load safe-path" can be never reset back to
the GDB compilation settings.
Therefore before the auto-load feature gets in a more widespread use / release
proposing this change.
common:
(gdb) show auto-load safe-path
List of directories from which it is safe to auto-load files is /usr/local.
(gdb) set auto-load safe-path ~/src
(gdb) show auto-load safe-path
List of directories from which it is safe to auto-load files is ~/src.
(gdb) set auto-load safe-path
(gdb) show auto-load safe-path
before:
Auto-load files are safe to load from any directory.
after:
List of directories from which it is safe to auto-load files is /usr/local.
(gdb) set auto-load safe-path /
(gdb) show auto-load safe-path
Auto-load files are safe to load from any directory.
TBH I would rather change "set libthread-db-search-path" so that any "set VAR"
sets VAR to "" as I find it a bit confusing this way but I find it not worth
the trouble changing for established "set libthread-db-search-path" so why to
make "set auto-load safe-path" different.
No regressions on {x86_64,x86_64-m32,i686}-fedora17-linux-gnu.
I will check it in, I do not think there are going to be complaints making the
behavior more in the GDB style.
Thanks,
Jan
gdb/
2012-04-22 Jan Kratochvil <jan.kratochvil@redhat.com>
* auto-load.c (set_auto_load_safe_path): Reset AUTO_LOAD_SAFE_PATH
back to DEFAULT_AUTO_LOAD_SAFE_PATH if it is being set to "".
(show_auto_load_safe_path): Check any-directory by comparison with "/".
(add_auto_load_safe_path): Change the error message.
(_initialize_auto_load): Change the "safe-path" help text.
* configure: Regenerate
* configure.ac (--without-auto-load-safe-path): Set
WITH_AUTO_LOAD_SAFE_PATH to /.
gdb/doc/
2012-04-22 Jan Kratochvil <jan.kratochvil@redhat.com>
* gdb.texinfo (Auto-loading safe path): Make 'directories'
for 'set auto-load safe-path' optional. Mention if it is omitted.
Change disabling security protection condition to "/", twice.
diff --git a/gdb/auto-load.c b/gdb/auto-load.c
index 9d19179..9d4d0bc 100644
--- a/gdb/auto-load.c
+++ b/gdb/auto-load.c
@@ -181,6 +181,12 @@ auto_load_safe_path_vec_update (void)
static void
set_auto_load_safe_path (char *args, int from_tty, struct cmd_list_element *c)
{
+ if (auto_load_safe_path[0] == '\0')
+ {
+ xfree (auto_load_safe_path);
+ auto_load_safe_path = xstrdup (DEFAULT_AUTO_LOAD_SAFE_PATH);
+ }
+
auto_load_safe_path_vec_update ();
}
@@ -190,7 +196,7 @@ static void
show_auto_load_safe_path (struct ui_file *file, int from_tty,
struct cmd_list_element *c, const char *value)
{
- if (*value == 0)
+ if (strcmp (value, "/") == 0)
fprintf_filtered (file, _("Auto-load files are safe to load from any "
"directory.\n"));
else
@@ -209,8 +215,9 @@ add_auto_load_safe_path (char *args, int from_tty)
if (args == NULL || *args == 0)
error (_("\
-Adding empty directory element disables the auto-load safe-path security. \
-Use 'set auto-load safe-path' instead if you mean that."));
+Directory argument required.\n\
+Use 'set auto-load safe-path /' for disabling the auto-load safe-path security.\
+"));
s = xstrprintf ("%s%c%s", auto_load_safe_path, DIRNAME_SEPARATOR, args);
xfree (auto_load_safe_path);
@@ -1023,8 +1036,10 @@ Set the list of directories from which it is safe to auto-load files."), _("\
Show the list of directories from which it is safe to auto-load files."), _("\
Various files loaded automatically for the 'set auto-load ...' options must\n\
be located in one of the directories listed by this option. Warning will be\n\
-printed and file will not be used otherwise. Use empty string (or even\n\
-empty directory entry) to allow any file for the 'set auto-load ...' options.\n\
+printed and file will not be used otherwise.\n\
+Setting this parameter to an empty list resets it to its default value.\n\
+Setting this parameter to '/' (without the quotes) allows any file\n\
+for the 'set auto-load ...' options.\n\
This option is ignored for the kinds of files having 'set auto-load ... off'.\n\
This options has security implications for untrusted inferiors."),
set_auto_load_safe_path,
diff --git a/gdb/configure b/gdb/configure
index 54c2399..42d2fbd 100755
--- a/gdb/configure
+++ b/gdb/configure
@@ -4949,7 +4949,7 @@ $as_echo_n "checking for default auto-load safe-path... " >&6; }
# Check whether --with-auto-load-safe-path was given.
if test "${with_auto_load_safe_path+set}" = set; then :
withval=$with_auto_load_safe_path; if test "$with_auto_load_safe_path" = "no"; then
- with_auto_load_safe_path=""
+ with_auto_load_safe_path="/"
fi
else
with_auto_load_safe_path="$prefix"
diff --git a/gdb/configure.ac b/gdb/configure.ac
index a40c2e5..9bde18f 100644
--- a/gdb/configure.ac
+++ b/gdb/configure.ac
@@ -140,7 +140,7 @@ AC_ARG_WITH(auto-load-safe-path,
AS_HELP_STRING([--with-auto-load-safe-path=PATH], [directories safe to hold auto-loaded files])
AS_HELP_STRING([--without-auto-load-safe-path], [do not restrict auto-loaded files locations]),
[if test "$with_auto_load_safe_path" = "no"; then
- with_auto_load_safe_path=""
+ with_auto_load_safe_path="/"
fi],
[with_auto_load_safe_path="$prefix"])
AC_DEFINE_DIR(DEFAULT_AUTO_LOAD_SAFE_PATH, with_auto_load_safe_path,
diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo
index e8be746..6d9f0c0 100644
--- a/gdb/doc/gdb.texinfo
+++ b/gdb/doc/gdb.texinfo
@@ -21105,9 +21105,12 @@ The list of trusted directories is controlled by the following commands:
@table @code
@anchor{set auto-load safe-path}
@kindex set auto-load safe-path
-@item set auto-load safe-path @var{directories}
+@item set auto-load safe-path [@var{directories}]
Set the list of directories (and their subdirectories) trusted for automatic
loading and execution of scripts. You can also enter a specific trusted file.
+If you omit @var{directories}, @samp{auto-load safe-path} will be reset to
+its default value as specified during @value{GDBN} compilation.
+
The list of directories uses directory separator (@samp{:} on GNU and Unix
systems, @samp{;} on MS-Windows and MS-DOS) to separate directories, similarly
to the @env{PATH} environment variable.
@@ -21126,7 +21129,8 @@ loading and execution of scripts. Multiple entries may be delimited by the
host platform directory separator in use.
@end table
-Setting this variable to an empty string disables this security protection.
+Setting this variable to @code{"/"} (without the quotes) disables this security
+protection.
This variable is supposed to be set to the system directories writable by the
system superuser only. Users can add their source directories in init files in
their home directories (@pxref{Home Directory Init File}). See also deprecated
@@ -21146,7 +21150,7 @@ by @samp{show auto-load safe-path} (such as @samp{/usr:/bin} in this example).
Specify this directory as in the previous case but just for a single
@value{GDBN} session.
-@item @kbd{gdb -iex "set auto-load safe-path" [@dots{}]}
+@item @kbd{gdb -iex "set auto-load safe-path /" [@dots{}]}
Disable auto-loading safety for a single @value{GDBN} session.
This assumes all the files you debug during this @value{GDBN} session will come
from trusted sources.