summary refs log tree commit diff
path: root/gnu/packages/patches/cssc-gets-undeclared.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/cssc-gets-undeclared.patch')
-rw-r--r--gnu/packages/patches/cssc-gets-undeclared.patch17
1 files changed, 17 insertions, 0 deletions
diff --git a/gnu/packages/patches/cssc-gets-undeclared.patch b/gnu/packages/patches/cssc-gets-undeclared.patch
new file mode 100644
index 0000000000..68c607cf58
--- /dev/null
+++ b/gnu/packages/patches/cssc-gets-undeclared.patch
@@ -0,0 +1,17 @@
+CSSC uses a gets in a couple of places.  For security reasons, modern gnulib
+does not allow this.  This patch allows it again.
+--- CSSC-1.3.0/gl/lib/stdio.in.h	2010-05-15 00:15:35.000000000 +0200
++++ CSSC-1.3.0/gl/lib/stdio.in.h	2014-02-03 21:27:10.000000000 +0100
+@@ -135,12 +135,6 @@
+                  "use gnulib module fflush for portable POSIX compliance");
+ #endif
+ 
+-/* It is very rare that the developer ever has full control of stdin,
+-   so any use of gets warrants an unconditional warning.  Assume it is
+-   always declared, since it is required by C89.  */
+-#undef gets
+-_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+-
+ #if @GNULIB_FOPEN@
+ # if @REPLACE_FOPEN@
+ #  if !(defined __cplusplus && defined GNULIB_NAMESPACE)