Protect our `$0` reference in the shell as `"$0"`. Otherwise it works
with a space in the path only due to an insecure Windows feature.
Prior to this fix, any installer using the option added by commit
v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL,
2011-06-11) exposes a local privilege escalation vulnerability.
Reported-by: Amir Szekely <kichik@gmail.com>
Reported-by: Ug_0 Security
Inside `git filter-branch --tree-filter` we must format all tracked
files because formatting of the tree for each commit is independent
from earlier commits.
Revert commit v3.6.0-rc1~160^2 (try_compile: Honor
CMAKE_<LANG>_FLAGS_<CONFIG> changes, 2016-04-11). The behavior it
introduced can break projects that depend on the lack of such behavior.
We will have to introduce a policy or other mechanism to enable the
behavior in a compatible way. Simply revert it for now.
See issue #16174.
In commit v3.6.0-rc1~174^2 (Ninja: Honor CMAKE_NINJA_FORCE_RESPONSE_FILE
for compile rules, 2016-04-06), Ninja learned to look for
`CMAKE_NINJA_FORCE_RESPONSE_FILE` in the current scope or the
environment in order to force response file usage for all compilation
rules.
However, on Windows, the RC compiler goes through cmcldeps which does a
`replace(output, output + ".dep.obj")` on the command line. However,
with a response file (which we name `output + ".rsp"`), the response
file path is replaced instead causing the compiler to (correctly)
complain that the response file `output + ".dep.obj.rsp"` does not
exist.
What needs to happen is for cmcldeps to look through the response file,
replace *its* contents and place it in the `output + ".dep.obj.rsp"`
file.
Also add a test which actually compiles an RC file into a library and
executable for all generators on Windows and additionally test
`CMAKE_NINJA_FORCE_RESPONSE_FILE` for Ninja generators.
Fixes#16167.
In commit v3.6.0-rc1~279^2~10 (VS: in Clang/C2 toolset, setup correct
compiler settings, 2016-02-18) a flag mapping was added for the clang
`-Os` flag. However, this collides with a mapping we already had for
the MSVC flag of the same name. This is a symptom of a larger problem
in that the VS generators need a per-toolset flag map (issue #16153).
For now, simply drop the new mapping and drop `-Os` from clang compiler
flags in the MinSizeRel configuration.
Reported-by: Felix Bruns <felixbruns@gmail.com>