GNU sed supports `-i` (in-place editing) with an optional suffix for the
backup copy. Non-GNU implementations also support `-i`, but the suffix
is not optional. Replacing all occurrences of naked `-i` with `-i.bak`
ensures our scripts work equally well with both.
In order to cover the largest number of glibc and musl libc versions,
withouth warnings, the decision here is to use `_GNU_SOURCE`,
even if it enables a larger than necessary feature set.
A feature macro is needed, because otherwise the `check_c_source_compiles`
for `HAVE_SYSCALL_GETRANDOM` fails in cases when for example
the default compiler flags include `-std=c99`:
````
src.c:6:13: error: implicit declaration of function ‘syscall’ [-Wimplicit-function-declaration]
6 | syscall(SYS_getrandom, NULL, 0, 0);
| ^~~~~~~
````
But this check should pass, as `SYS_getrandom` is available,
only the declaration of `syscall` in `unistd.h` is conditional behind a macro.
The exact minimal public macros, for enabling this are in `features.h`, and
are version dependent.
According to [5.04](
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/man-pages-5.04.tar.gz)
and older versions of the `man 2 syscall` page,
the recommended feature test macro is `_GNU_SOURCE`.
Later on in [5.05](
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/man-pages-5.05.tar.gz)
this statement has changed, to provide a smaller minimal feature set.
Namely up to `glibc 2.18` is `_BSD_SOURCE || _SVID_SOURCE`,
but after that the `_DEFAULT_SOURCE` is recommended,
and `_BSD_SOURCE || _SVID_SOURCE` is deprecated, and emits warning in later versions.
Regardless of that the `_GNU_SOURCE` is still fully supported
in every version and is suitable for our purposes.
The musl libc doesn't use `_SVID_SOURCE` at all, but `_BSD_SOURCE` always works,
plus in some newer versions `_DEFAULT_SOURCE` also sets `_BSD_SOURCE`,
but `_GNU_SOURCE` covers the largest set of versions and is unlikely
to be deprecated in the future.
Further info about feature test macros:
In glibc:
https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html
In musl libc under the `Feature Test Macros Supported by musl` section:
https://musl.libc.org/doc/1.1.24/manual.html
Signed-off-by: Ferenc Géczi <ferenc.gm@gmail.com>
The two issues with the previous approach were that:
1. `check_symbol_exists` would store "1" or "" into
variable `off_t` rather than string "off_t", and
2. (`check_symbol_exists` would not find `off_t` or
`size_t` on modern Linux).
Was reported with NetBSD 9.3.
`size_t` is part of C99 (which Expat requires), so
only the `off_t` half remains.
Running find without path is a GNU extension. GNU find uses current
directory as starting-point in this case. Better always use an
explicit . in build scripts to support find on other systems.
When parsing DTD content with code like ..
XML_Parser parser = XML_ParserCreate(NULL);
XML_Parser ext_parser = XML_ExternalEntityParserCreate(parser, NULL, NULL);
enum XML_Status status = XML_Parse(ext_parser, doc, (int)strlen(doc), XML_TRUE);
.. there are 0 bytes accounted as direct input and all input from `doc` accounted
as indirect input. Now function accountingGetCurrentAmplification cannot calculate
the current amplification ratio as "(direct + indirect) / direct", and it did refuse
to divide by 0 as one would expect, but it returned 1.0 for this case to indicate
no amplification over direct input. As a result, billion laughs attacks from
DTD-only input were not detected with this isolated way of using an external parser.
The new approach is to assume direct input of length not 0 but 22 -- derived from
ghost input "<!ENTITY a SYSTEM 'b'>", the shortest possible way to include an external
DTD --, and do the usual "(direct + indirect) / direct" math with "direct := 22".
GitHub issue #839 has more details on this issue and its origin in ClusterFuzz
finding 66812.
File "doc/xmlwf.1" should not be cleaned when building with
"./configure --without-docbook", and re-compilation of the file
should take precedence over a pre-built copy where available.
Also, variable CLEANFILES can be used to simplify things a bit
in Makefile.am.
This removes the dependency on CLOCKS_PER_SEC that prevented this test
from running properly on some platforms, as well as the inherent
flakiness of time measurements.
Since later commits have introduced g_bytesScanned (and before that,
g_parseAttempts), we can use that value as a proxy for parse time
instead of clock().
