| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When subprocesses are created using open-command,
open-process, run or sh, any streams not bound by
those functions are obtained from *stdin*, *stdout*
or *stderr*, as appropriate. Thus manipulating these
variables has the effect of redirecting not only
local output within the program but over coprocesses
as well.
* stream.c (struct save_fds): New type.
(FDS_IN, FDS_OUT, FDS_ERR): New macros.
(fds_init, fds_subst, fds_swizzle, fds_restore): New static
functions.
(open_command, open_process, run): "Swizzle" and restore
the standard file descriptors.
* txr.1: Updated documentation of affected function.
|
| |
|
|
|
|
| |
Makefile (lex.yy.c): Crudely and shamelessly filter lex.yy.c
through sed to remove // commments, even if // occurs in a
string literal or a /*...*/ comment which ends on that line.
|
| |
|
|
|
| |
txr.c (help): 2015 was so last year. Let's make it
a range from 2009 to current.
|
| |
|
|
|
| |
txr.c (help): Remove blank line between name and copyright
line.
|
| |
|
|
| |
txr.c (help): "sare" -> "are".
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This helps with setuid hash bang scripting on Mac OS,
and other plaforms where the interpreter executed out
of a hash bang script runs with orinary privilege,
even if marked setuid.
* sysif.c (exec_wrap): Static function turns extern.
* sysif.h (exec-wrap): Declared.
* txr.1: Documented --reexec. Added notes about setuid under
Hash Bang Support.
* txr.c (help): List --reexec option.
(txr_main): Implement --reexec option.
|
| |
|
|
|
|
|
| |
* configure (lang_flags): The declaration of setgroups
requires the __EXTENSIONS__ macro. If the test fails, let's
repeat it with that macro and if it succeeds, add that to
lang_flags.
|
| |
|
|
|
|
|
|
| |
* genvim.txr (txr_splicevar): This match must be contained.
(txr_metanum): Must be contained in TXR, need not be contained
in TXR Lisp.
* txr.vim, tl.vim: Regenerated.
|
| |
|
|
|
|
| |
* txr.c (oom_realloc_handler): When terminating, only print
the word false if the print-bindings option -B is in effect.
Also, print it to standard output, not standard error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lisplib.c (path_test_set_entries): New elements in the list
for path-readable-to-me-p, path-read-writable-to-me-p, and
path-strictly-private-to-me-p.
* share/txr/stdlib/path-test.pl (sys:path-access): Test
bitwise combinations of permissions, so read+write
can be tested in one call.
(path-readable-to-me-p, path-read-writable-to-me-p,
path-strictly-private-to-me-p): New functions.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
| |
* share/txr/stdlib/path-test.tl (sys:path-access): Comment
added to note use restriction to identical permissions for
all three scopes. Fixed incorrect use of logior instead
of logand which causes strict permission test to be applied
to user even when testing for non-execute permisisons.
|
| |
|
|
|
|
|
|
|
|
|
| |
If txr is renamed to something else in the same installation
directory, we can still calculate the sysroot.
* txr.c (substitute_basename): New function.
(sysroot_init): Make one more attempt to calculate the
sysroot by substituting the actual base name of
the program into the compile-time relative path, and
using that path agains the full path name.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* txr.c (sysroot_path): New static variable.
(progpath): Variable renamed to prog_path.
(sysroot_helper): Function removed.
(maybe_sysroot): New function.
(sysroot): Function now just catenates previously
calculated sysroot path onto target without.
(sysroot_init): Follow rename of progpath to prog_path.
GC-protect sysroot_path. Calculate sysroot path; if not
able, emit warning message and use empty string.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TXR now notices that it's running setgid, and
implements setgid logic for scripts.
* sysif.c (orig_egid, real_gid, is_setgid): New static
variables.
(repress_privilege): Treat real and effective
group ID similarly to user ID. Save them in global
variables, and set the is_setgid flag.
(drop_privilege): Drop setgid privilege similarly
to setuid. Operate selectively: if neither setuid
nor setgid is in effect, do nothing, but if just
one is in effect, don't do anything for the other.
(simulate_setuid): Function renamed to simulate_setuid_setgid.
A small change is made here: if the fstat fails, just drop
privilege, don't abort. Implement setgid operation
independently of setuid. The is_setgid and is_setuid
flags are manipulated here now to get the drop_privileges
function to selectively drop setuid if we are running
a script which is only segid, or drop setgid if we are running
a setuid only script.
* sysif.h (simulate_setuid): Declaration name change to
simulate_setuid_setgid.
* txr.c (txr_main): Follow rename of simulate_setuid.
* txr.1: SETUID OPERATION section changed to SETUID/SETGID
operation, and setgid description worked into the text.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (repress_privilege): Eliminate redundant
getuid call.
(drop_privilege): On some platforms,
setuid(getuid()) will not drop setuid non-root privilege. This
is fixed by using setresuid, if we have it, which we do on
Linux. On platforms where we don't have setresuid,
we try setuid(getuid()). Then after that if we are able
to change our effective user ID to the one we dropped,
we conclude that it didn't work and abort.
(simulate_setuid): Call drop_privilege instead of
repeating the naive privilege-dropping logic.
Check the result of seteuid; if it fails, then
drop privilege! Otherwise a txr that is setuid bob
will continue running as bob, if it fails to enact
setuid on a script owned by alice.
* txr.1: Rewrite SETUID OPERATION section in an attempt
to clarify the wording, fix formatting issues, and
describe the current implemenation of privilege dropping.
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure: Test for these functions.
* sysif.c (getresuid_wrap, getresgid_wrap, setresuid_wrap,
setresgid_wrap): New static function.
(sysif_init): Registered getresuid, setresgid, setresuid and
setresgid intrinsics.
* txr.1: Documented all four functions.
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure: Test for setgroups. New HAVE_SETGROUPS
preprocessor symbol for config/config.h.
* sysif.c (setgroups_wrap): New static function.
(sysif_init): Register intrinsic setgroups function.
* txr.1: Documented setgroups. Rearranged sections
so getgroups and setgroups descriptions are consecutive.
|
| |
|
|
|
|
| |
* configure (lang_flags): -D_GNU_SOURCE added.
* ftw.c (__USE_GNU): Macro definition removed.
|
| |
|
|
|
|
|
|
|
| |
Ever since jmp.S was added, the txr executable has been
building with a bit in the program header indicating that the
stack is to be executable.
* jmp.S: Define the .note.GNU-stack section to
tell the linker we don't need an executable stack.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The purpose is to eliminate any biases in
the PRNG arising out of the regularity of that pattern, so
that the behavior of successive values is good from the
beginning.
This doesn't solve the problem that a short warm-up period
leads to a poor distribution of initial values relative to the
seed space. In other words, that similar seeds lead to
initially similar sequences.
* rand.c (rand_tab): New static array.
(make_random_state): Set uninitialized parts of state from the
corresponding elements in rand_tab, rather than to the
0xAAAAAAAA values.
(rand_compat_fixup): In 139 compatibility mode, clobber
rand_tab with 0xAA bytes.
* tests/013/maze.expected: Updated.
* txr.1: Added some PRNG implementation notes, and
also compatibility notes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This one affects all platforms. The extra sign check and
negation cancels out the one done in mp_get_uintptr, causing a
positive value for a negative input value.
* mpi/mpi.c (mp_get_intptr): Just coerce the uint_ptr_t
result to int_ptr_t. That has the right semantics under
that the bits are preserved (under two's complement, in every
compiler I've ever used). The unsigned value from
mp_get_uintptr already looks like the image of a two's
complement value.
|
| |
|
|
|
|
|
|
|
| |
This applies only to some platforms, none of which are current
targets on which TXR is tested and released.
* mpi/mpi.c (mp_get_uinptr): Do not clobber output
accumulator in the loop body: the bits must be OR-ed
into it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lib.c (copy): Pass new second argument to make_random_state.
* rand.c (random_warmup): New macro.
(random_warmup_s): New symbol variable.
(make_random_state): New warmup argument. Code restructured to
avoid copy flag. Fill code and initialization of r->cur made
common.
(rand_compat_fixup): Pass second argument to
make_random_state.
(rand_init): Pass second argument to make_random_state.
Initialize random_warmup_s with interned symbol. Register
*random-warmup* special variable. Fix registration of
make-random-state to two-argument function type.
* rand.h (make_random_state): Declaration updated.
* txr.1: Document *random-warmup* variable and warup
argument of make-random-state.
|
| |
|
|
|
| |
* rand.c (make_random_state): Don't use getpid
if we aren't on something that looks like Unix.
|
| |
|
|
|
|
| |
* rand.c (make_random_state): Issue #error if SIZEOF_PTR
exceeds 8, rather than including bogus code that
neglects to use the remaining upper 32 bits.
|
| |
|
|
|
|
|
|
|
| |
* eval.c (eval_init): Remove registration of
make-random-state, random-state-get-vec, random-state-p,
random-fixnup, random, and rand.
* rand.c (rand_init): Move registrations removed from
eval_init here.
|
| |
|
|
|
|
|
|
|
|
| |
* eval.h (call_s): Declared.
* match.c (h_call, v_call): New static function.
(dir_tables_init): Register v_call in v_directive_table
under call symbol. Likewise h_call in h_directive_table.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this change we allow the grammar, as such, to express empty
clauses in the parallel constructs like @(some), @(cases),
@(gather) and so forth. However, we raise an error when these
occur. This results in a cleaner diagnostic behavior.
In the future, empty clauses may be allowed; the semantics has
to be worked out. An empty clause should neither succeed nor
fail; the behavior should be as if it is not there.
The general strategy in this patch is to eliminate the use
of the clauses terminal symbol (completely) and use
clauses_opt everywhere, and then diagnose when that
produces a nil. Some elems are similarly changed to elems_opt
in the horizontal versions of directives.
* parser.y (clauses): Nonterminal symbol completely removed.
(spec): Empty production rule removed, by using clauses_opt
instead of clauses.
(all_clause, some_clause, none_clause,
maybe_clause, cases_clause, choose_clause, gather_clause):
Instead of diagnosing empty clauses via a dedicated
grammar rule, diagnose by looking for nil subtree emerging
from from a clauses phrase.
(gather_parts): Use clauses_opt. Yield nil instead of
a cons if this clauses_opt is nil.
(additional_gather_parts): Simplify grammar and actions
by recursing back to gather_parts. If gather_parts produces
nil, diagnose the empty and/or subclause situation.
(collect_clause): Use clauses_opt and diagnose empty.
Simplify error production, which doesn't have to look
at the lookahead token yychar any more to implement
the empty diagnostic.
(clause_parts): Use clauses_opt instad of clauses. Yield
nil instead of a cons if clause_opt yields nil.
(additional_parts): Grammar and actions simplified by
recursing back to clause_parts. If the recursive
clause_parts produces nil, generate empty and/or
subclause diagnostic.
(elem): Use elems_opt for the various horizontal clauses
and implement empty checks for them. Explicit empty
productions are eliminated.
(clause_parts_h): Changed in way analogous to clause_parts.
(additional_parts_h): Changed analogously to
additional_parts.
(try_clause): Use clauses_opt and catch empties.
Eliminate the second error production.
(catch_clauses_opt): Diagnose empty catch and finally, unless
in compatibility mode with 139 or less. The grammar already
uses clauses_opt here; empty catches and finally had been
allowed. Fixed messages in error productions for catch
and finally to refer to catch and finally rather than try.
|
| |
|
|
|
|
|
| |
* arith.c (arith_init): Registered fixnum-min and fixnum-max
variables.
* txr.1: Documented.
|
| |
|
|
|
|
| |
* checkman.txr: Check .metn using logic shared with .codn.
* txr.1: Numerous errors fixed.
|
| |
|
|
|
|
|
|
| |
* checkman.txr: Check .meta similarly to .code.
* txr.1: Change .meta macro to take only one argument,
so that text with spaces must be quoted.
Errors found and fixed.
|
| |
|
|
|
|
|
|
| |
* checkman.txr: Constraint on first character of second
argument coded as a require constraint, enforced
with assert.
* txr.1: Newly discovered errors fixed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the manual, the .code and .codn macros are no longer
variadic. They take one an two arguments, respectively.
Multiple arguments have to be quoted now.
This makes it easier to detect errors in usage,
using support in checkman.txr.
Numerous errors were found, in fact.
* checkman.txr (check-code): New pattern function
for doing some checks on .code, codn, cod2 and cod3
macro usage.
* txr.1: code and codn macro are no longer variadic.
All variadic uses fixes with quotes. Numerous
errors discovered and corrected.
|
| |
|
|
|
|
| |
* txr.1: Fix incorrect function and variable description
headings with spurious commas and inappropriate plurals.
Fix missing .mets in syntax blocks.
|
| |
|
|
|
|
|
| |
* Makefile (txr-manpage.pdf): Invoke checkman.txr
on the man page source.
* checkman.txr: New file.
|
| |
|
|
|
|
| |
* Makefile (txr-manpage.pdf): Add -ww option
to pdfroff to report all errors, such as uses
of undefined macros.
|
| |
|
|
|
| |
* match.c (v_assert, h_assert): Use ~a rather than ~s
for c->curfile in assert message.
|
| |
|
|
|
|
|
|
|
|
| |
* RELNOTES: Updated.
* configure, txr.1: Bumped version and date.
* share/txr/stdlib/ver.tl: Likewise.
* txr.vim, tl.vim: Regenerated.
|
| |
|
|
|
|
| |
* txr.1: Hunted down and fixed incorrect .code,
.codn, .meta and .metn invocations. Added
missing .desc macros after .coNP Variables ...
|
| |
|
|
|
|
|
|
| |
* eval.c (mapcarv, mappendv, mapdov): When done, we can
recycle the conses used for the temporary copy of the
list-of-lists, whose car-s are used for iterating over the
lists in paralle. This is safe because the temporary
list's conses aren't shared with any other function.
|
| |
|
|
|
|
|
| |
* ftw.c (ftw_wrap): Handle case when dirpath is a list,
by recursion.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
| |
* share/txr/stdlib/path-test.tl (path-private-to-me-p): Use
mlet to initialize the g variable lazily, so that
getgrgid is only called when g is used. getgrid is a fairly
heavy-weight function, and it's only used to resolve
the case when a file is writable to the group owner
(is the user the only member of that group?)
|
| |
|
|
|
|
|
| |
* eval.c (sys_load): Use ~a format specifier rather than ~s
for the load path (if already known to be a string).
* match.c (v_load): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* glob.c (glob_wrap): Perform argument conversions
that might throw before allocating UTF-8 string.
* parser.y (text): In the action for SPACE, the lexeme
is not needed so free($1) right away. If regex_compile
were to throw an exception, that lexeme will leak.
* socket.c (getaddrinfo_wrap): Harden against leakage of
node_u8 and service_u8 strings with an unwind block.
For instance, the hints structure could contain
bad values which cause addrinfo_in to throw.
* stream.c (make_string_byte_input_stream): Perform
possibly throwing argument conversions before allocating
resources.
* sysif.c (mkdir_wrap, mknod_wrap, chmod_wrap, symlink_wrap,
link_wrap, setenv_wrap, crypt_wrap): Likewise.
* syslog.c (openlog_wrap, syslog_wrapv): Likewise.
|
| |
|
|
|
|
|
|
| |
* lib.c (out_str_pretty): Rename to out_str_readable.
This function is called from obj_print_impl precisely when the
pretty flag is false: pretty means output textual things
as the text they denote, rather than machine-readable Lisp.
(out_lazy_str, obj_print_impl): Calls updated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In this patch we change which characters objects
are printed using hex escapes, and which characters
are printed as hex when printing string literals.
* lib.c (obj_print_impl): Add DEL (U+7F) to the
list of character objects which are printed as hex.
In a string literal, it's already printed as \x7F.
Use upper case hex rather than lower case.
(out_str_char): Copy the rules used by obj_print_impl
for deciding what string constituents to print as hex
and how to print it. So for instance, U+80 to U+A0 will
now print in hex as well as the U+D800 to U+DFFF range,
rather than just U+DC00 to U+DCFF, and the BOM
code U+FFFE, U+FFFF and anything higher.
|
| |
|
|
|
|
|
|
| |
The current behavior is that there is no lex rule for this, so such a
byte gets echoed.
parser.l (grammar): Add fallback rule to match one byte
in SREGEX state and turn it into 0xDCxx character.
|
| |
|
|
|
| |
* parser.c (regex_parse): Don't return nil if there
were errors; throw a syntax-error exception.
|
| |
|
|
|
| |
* utf8.c (utf8_encode): Don't return zero in the
out-of-range case, but throw.
|
