[SCM] archer-jankratochvil-autoload: Merge branch 'secmove-misc2-warn-safepath-debug' into secmove-misc2-warn-safepath-debug-warnlocal

[jkratoch@sourceware.org]

The branch, archer-jankratochvil-autoload has been updated
       via  379a2b7b5fb4295bdc60124523782786df9d4fda (commit)
       via  34dc55262ca5ef8fb8445ed5019b5522a443fa71 (commit)
       via  854a71f7c123fdceca76268ff6ff0a732fbfca37 (commit)
       via  93272c548cdc51c0828235b32067b9b34872f6cc (commit)
       via  ea9f478bff0af2f05578c2df9838c0e9d8b8bb3b (commit)
       via  9e607b55acdf9f7336e593dd30052ce0911c9f2f (commit)
       via  86996843b5f5bcca314bfd0d146b64a8ffdb30de (commit)
       via  48f624d8d5b7a6155937a22dd674530069b9aae5 (commit)
      from  cff2631c17203ca340507ead14c62a5c66564866 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email.

- Log -----------------------------------------------------------------
commit 379a2b7b5fb4295bdc60124523782786df9d4fda
Merge: cff2631 34dc552
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 21:02:38 2012 +0200

    Merge branch 'secmove-misc2-warn-safepath-debug' into secmove-misc2-warn-safepath-debug-warnlocal

commit 34dc55262ca5ef8fb8445ed5019b5522a443fa71
Merge: b107f7e 854a71f
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 21:02:35 2012 +0200

    Merge branch 'secmove-misc2-warn-safepath' into secmove-misc2-warn-safepath-debug
    
    Conflicts:
    	gdb/doc/gdb.texinfo

commit 854a71f7c123fdceca76268ff6ff0a732fbfca37
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 21:01:43 2012 +0200

    .

commit 93272c548cdc51c0828235b32067b9b34872f6cc
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 20:59:28 2012 +0200

    .

commit ea9f478bff0af2f05578c2df9838c0e9d8b8bb3b
Merge: 48f624d 9e607b5
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 19:21:05 2012 +0200

    Merge branch 'secmove-misc2-warn' into secmove-misc2-warn-safepath

commit 9e607b55acdf9f7336e593dd30052ce0911c9f2f
Merge: 0bc627f 8699684
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 19:21:05 2012 +0200

    Merge branch 'secmove-misc2' into secmove-misc2-warn

commit 86996843b5f5bcca314bfd0d146b64a8ffdb30de
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 19:21:01 2012 +0200

    .

commit 48f624d8d5b7a6155937a22dd674530069b9aae5
Author: Jan Kratochvil <jan.kratochvil@redhat.com>
Date:   Sun Mar 25 19:20:33 2012 +0200

    .

-----------------------------------------------------------------------

Summary of changes:
 gdb/NEWS            |   12 +++++-----
 gdb/auto-load.c     |    7 +++--
 gdb/doc/gdb.texinfo |   63 ++++++++++++++++++++++++++++++++++++++++++++++-----
 3 files changed, 67 insertions(+), 15 deletions(-)

First 500 lines of diff:
diff --git a/gdb/NEWS b/gdb/NEWS
index 5ea554d..5ec5252 100644
--- a/gdb/NEWS
+++ b/gdb/NEWS
@@ -115,7 +115,7 @@ HP OpenVMS ia64			ia64-hp-openvms*
 
 set breakpoint condition-evaluation
 show breakpoint condition-evaluation
-  Controls whether breakpoint conditions are evaluated by GDB ("host") or by
+  Control whether breakpoint conditions are evaluated by GDB ("host") or by
   GDBserver ("target").  Default option "auto" chooses the most efficient
   available mode.
   This option can improve debugger efficiency depending on the speed of the
@@ -129,23 +129,23 @@ show auto-load
 
 set auto-load gdb-scripts on|off
 show auto-load gdb-scripts
-  Controls auto-loading of GDB canned sequences of commands files.
+  Control auto-loading of GDB canned sequences of commands files.
 
 set auto-load python-scripts on|off
 show auto-load python-scripts
-  Controls auto-loading of Python script files.
+  Control auto-loading of Python script files.
 
 set auto-load local-gdbinit on|off|warn-and-on|warn-and-off
 show auto-load local-gdbinit
-  Controls loading of init file (.gdbinit) from current directory.
+  Control loading of init file (.gdbinit) from current directory.
 
 set auto-load libthread-db on|off
 show auto-load libthread-db
-  Controls auto-loading of inferior specific thread debugging shared library.
+  Control auto-loading of inferior specific thread debugging shared library.
 
 set auto-load safe-path <dir1>[:<dir2>...]
 show auto-load safe-path
-  Sets a list of directories safe to hold auto-loaded files.
+  Set a list of directories from which it is safe to auto-load files.
 
 set debug auto-load on|off
 show debug auto-load
diff --git a/gdb/auto-load.c b/gdb/auto-load.c
index 8d3153c..8c9dc39 100644
--- a/gdb/auto-load.c
+++ b/gdb/auto-load.c
@@ -33,6 +33,7 @@
 #include "cli/cli-decode.h"
 #include "cli/cli-setshow.h"
 #include "gdb_vecs.h"
+#include "readline/tilde.h"
 
 /* The suffix of per-objfile scripts to auto-load as non-Python command files.
    E.g. When the program loads libfoo.so, look for libfoo-gdb.rc.  */
@@ -166,7 +167,7 @@ auto_load_safe_path_vec_update (void)
       if (next_dir != NULL)
 	*next_dir++ = 0;
 
-      real_path = gdb_realpath (safe_path);
+      real_path = gdb_realpath (tilde_expand (safe_path));
       VEC_safe_push (char_ptr, auto_load_safe_path_vec, real_path);
 
       if (debug_auto_load)
@@ -959,8 +960,8 @@ Usage: info auto-load local-gdbinit"),
   auto_load_safe_path_vec_update ();
   add_setshow_optional_filename_cmd ("safe-path", class_support,
 				     &auto_load_safe_path, _("\
-Set the directories safe to hold auto-loaded files."), _("\
-Show the directories safe to hold auto-loaded files."), _("\
+Set the list of directories from which it is safe to auto-load files."), _("\
+Show the list of directories from which it is safe to auto-load files."), _("\
 Various files loaded automatically for the 'set auto-load ...' options must\n\
 be located in one of the directories listed by this option.  Warning will be\n\
 printed and file will not be used otherwise.  Use empty string to allow any\n\
diff --git a/gdb/doc/gdb.texinfo b/gdb/doc/gdb.texinfo
index c9dd6c5..63f0813 100644
--- a/gdb/doc/gdb.texinfo
+++ b/gdb/doc/gdb.texinfo
@@ -1271,6 +1271,7 @@ used when building @value{GDBN}; @pxref{System-wide configuration,
  ,System-wide configuration and settings}) and executes all the commands in
 that file.
 
+@anchor{init file in home directory}
 @item
 Reads the init file (if any) in your home directory@footnote{On
 DOS/Windows systems, the home directory is the one pointed to by the
@@ -1280,7 +1281,7 @@ that file.
 @item
 Processes command line options and operands.
 
-@anchor{local-gdbinit}
+@anchor{init file in current directory}
 @item
 Reads and executes the commands from init file (if any) in the current
 working directory as long as @samp{set auto-load local-gdbinit} is set to
@@ -24969,11 +24970,20 @@ top of the source tree to the source search path.
 
 As the files of inferior can come from untrusted source (such as submitted by
 an application user) @value{GDBN} does not always load any files automatically.
+@value{GDBN} provides the @samp{set auto-load safe-path} setting to list
+directories trusted for loading files not explicitly requested by user.
 
-This setting should contain so called canonical filenames, after any symbolic
-links, current and parent directories have been resolved.  Both the
-@samp{auto-load safe-path} setting and the scripts being verified are
-canonicalized first for their matching.
+If the path is not set properly you will see a warning and the file does not
+get loaded:
+
+@smallexample
+$ ./gdb -q ./gdb
+Reading symbols from /home/user/src/gdb/gdb...done.
+warning: File "/home/user/src/gdb/gdb-gdb.rc" auto-loading has been declined by your `auto-load safe-path' set to "/usr/local".
+warning: File "/home/user/src/gdb/gdb-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "/usr/local".
+@end smallexample
+
+The list of trusted directories is controlled by commands:
 
 @table @code
 @kindex set auto-load safe-path
@@ -24991,11 +25001,52 @@ loading and execution of scripts.
 Setting this variable to an empty string disables this security protection.
 This variable is supposed to be set to the system directories writable by the
 system superuser only.  Users can add their source directories in home
-directories.  See also the deprecated option @xref{local-gdbinit}.
+directories.  See also deprecated @xref{init file in current directory}.
+
+There are multiple ways to get the files declined in the example above loaded:
+
+@itemize @bullet
+@item ~/.gdbinit: set auto-load safe-path /usr:/bin:~/src/gdb
+Specify this trusted directory (or a file) as additional component of the list.
+You have to specify also any existing directories displayed by
+by @samp{show auto-load safe-path} (such as @samp{/usr:/bin} in this example).
+
+@item gdb -iex "set auto-load safe-path /usr:/bin:~/src/gdb" [...]
+Specify this directory as in the previous case but just for a single
+@value{GDBN} session.
+
+@item gdb -iex "set auto-load safe-path" [...]
+Disable auto-loading safety for a single @value{GDBN} session.
+This assumes all the files you debug during this @value{GDBN} session will come
+from trusted sources.
+
+@item ./configure --without-auto-load-safe-path
+During compilation of @value{GDBN} you may disable any auto-loading safety.
+This assumes all the files you will ever debug with this @value{GDBN} come from
+trusted sources.
+@end itemize
+
+On the other hand you can also explicitly forbid automatic files loading which
+also suppresses any such warning messages:
+
+@itemize @bullet
+@item gdb -iex "set auto-load no" [...]
+You can use @value{GDBN} command-line option for a single @value{GDBN} session.
+
+@item ~/.gdbinit: set auto-load no
+Disable auto-loading globally for the user
+(@pxref{init file in home directory}).  While it is improbable you could also
+use system init file instead (@pxref{System-wide configuration}).
+@end itemize
 
 Be aware even downloaded source packages may contain exploit code which may get
 executed by @value{GDBN} without explicitly running any program therein.
 
+This setting should contain so called canonical filenames, after any symbolic
+links, current and parent directories have been resolved.  Both the
+@samp{auto-load safe-path} setting and the scripts being verified are
+canonicalized first for their matching.
+
 @node auto-load verbose mode
 @subsubsection Displaying files tried for auto-load
 @cindex debug auto-load


hooks/post-receive
--
Repository for Project Archer.