Previously the command opened the lock file using fopen with "w" mode,
which truncates the file to zero length. This is unsafe because:
1. If the lock file path is a symlink, the target file gets truncated
2. Race conditions between path resolution and file opening can be
exploited to truncate arbitrary files
An attacker can exploit this by creating a symlink at a predictable
lock file location pointing to a critical file (e.g., source files,
configuration, or system files). When cmake runs file(LOCK), it
follows the symlink and destroys the target file's contents.
Fix by changing the file mode from "w" (write/truncate) to "a"
(append). This creates the file if it doesn't exist but preserves
existing content, preventing data destruction attacks.
Typos in commit 9ba0a54554 (TIClang: Add support for TI Clang-based
compilers, including tiarmclang, 2023-12-06, v3.29.0-rc1~4^2~1)
left the flags unused. In particular, `CMAKE_<LANG>_LINKER_FLAGS`
does not exist.
Modify the `export(EXPORT)` and `install(PACKAGE_INFO)` commands to
actually enforce that certain arguments must be non-empty. With respect
to `export`, this is mainly targeted at CPS export, but ends up
affecting all flavors of `export(EXPORT)` because that is the level at
which argument parsing is performed.
Also, add unit tests to verify that the new rejection of arguments with
missing or empty values is working, update the existing tests due to
changes in error reporting, and remove no-longer-needed manual
validation of an empty `PACKAGE_INFO` argument.
There are exactly two places that use `ParseResult::AddKeywordError`:
the parser itself, and the `set` command. Adjust the format of the
message generated by the latter to be consistent with the former.
71a4e34d97 fileAPI: Expose CMAKE_<LANG>_COMPILER_ARG1
1e02926c9a fileAPI: Refactor toolchains schema to prepare for new version
3caa572c05 fileAPI: Output more info for test failures
Acked-by: Kitware Robot <kwrobot@kitware.com>
Merge-request: !11419
Compiler arguments coming from CC environment variables or multi-element
CMAKE_<LANG>_COMPILER variables set by toolchain files were previously not
exposed in the file API. Among other possible problems, this caused clients
to determine wrong system include paths and built-in preprocessor macros by
calling the compiler without these important arguments.
This is fixed by adding an optional "commandFragment" attribute to the
compiler description in the `toolchains` object, containing these arguments
as a command line fragment. This is already the form in which they are
internally stored in the CMAKE_<LANG>_COMPILER_ARG1 variable, so all that is
required is adding this variable to the set of exported variables, besides
some logic to omit it if empty.
Issue: #22568
Remove literal text "subcommand" from error messages. This addresses the
other use of this and improves consistency (see preceding commit). Also,
omit some unnecessary articles, which also improves consistency.
Remove literal text "subcommand" from error messages. Most other
commands report errors like "<command> <subcommand> <message>", where
the message does not include the literal text "subcommand". The `export`
command was one of two exceptions to this.
While I'm unsure about why `cmPackageInfoArguments` was originally
written the way it was, in its current form, the way command sub-parsers
work, the parser never considers arguments associated with a sub-parser
if the sub-parser keyword isn't present. This means that the arguments
associated with `cmPackageInfoArguments` are treated as unknown, and the
logic to reject them being set if `PACKAGE_INFO` is not present can
never actually execute. Therefore, remove it, and remove the associated
(and effectively useless) `enable` argument to its `Check` method.
Instead, ensure that the package name is actually specified. The only
case in which the parser will create the `optional` associated with the
sub-parser arguments is if the relevant keyword (i.e. `PACKAGE_INFO`) is
present. However, while the associated value is `NonEmpty`, the way we
are using the parser does not actually enforce this, and it looks like a
correct fix may be a breaking change. Therefore, enforce it manually for
now.
Add version validation to cmExportPackageInfoGenerator. Specifically, if
a package uses the "simple" version schema (which is the default if no
schema is specified), validate that the specified version actually
conforms to the schema and issue an error if it does not. Also, issue a
warning if the schema is not recognized.
a308ea38f3 Emscripten: Fix try_run to run the `.js` file and not the adjacent `.wasm`
ad91bc558a ci: Make node available to Emscripten tests
27cc5d58bf Tests/RunCMake/Emscripten: Add tests covering try_compile COPY_FILE
Acked-by: Kitware Robot <kwrobot@kitware.com>
Merge-request: !11451
a308ea38f3 Emscripten: Fix try_run to run the `.js` file and not the adjacent `.wasm`
ad91bc558a ci: Make node available to Emscripten tests
27cc5d58bf Tests/RunCMake/Emscripten: Add tests covering try_compile COPY_FILE
Acked-by: Kitware Robot <kwrobot@kitware.com>
Merge-request: !11451
Brad King