Protect our `$0` reference in the shell as `"$0"`. Otherwise it works
with a space in the path only due to an insecure Windows feature.
Prior to this fix, any installer using the option added by commit
v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL,
2011-06-11) exposes a local privilege escalation vulnerability.
Reported-by: Amir Szekely <kichik@gmail.com>
Reported-by: Ug_0 Security
Revert these commits:
* v3.6.0-rc1~134^2
Tests: QtAutogen: Same source name in different directories test, 2016-04-13
* v3.6.0-rc1~134^2~1
Autogen: Generate qrc_NAME.cpp files in subdirectories, 2016-04-19
* v3.6.0-rc1~134^2~2
Autogen: Generate not included moc files in subdirectories, 2016-04-19
They regress existing builds that depend on the paths/symbols generated
previously. Another approach will be needed to solve the name collision
problem they were intended to solve. Leave the error diagnostics for
the colliding cases that were added in the same topic as the above
commits because they provide a useful early failure in relevant cases.
Fixes#16209.
Since commit v3.6.0-rc1~339^2 (CPack: Fix CPACK_INSTALL_CMAKE_PROJECTS
SubDirectory (4th) option, 2016-02-18) we now honor the "Directory"
option of this variable. Prior to that commit the value was not used
so projects may have used a placeholder value like `.` instead of `/`.
Treat `.` the same as `/` to restore compatibility with such projects.
Fixes#16205.
Commit v3.6.0-rc1~174^2~1 (cmGlobalNinjaGenerator: Clarify logic for
forcing use of response files, 2016-04-06) started using negative
command line length values to represent forced use of response files but
forgot to update `calculateCommandLineLengthLimit()` accordingly. Teach
it to return `0` instead of `-1` when no limit is computed from the
system to avoid forcing response files.
Reported-by: Raphael Kubo da Costa <rakuco@FreeBSD.org>
In commit v3.6.0-rc1~66^2 (CPack/RPM different package names,
2016-05-15) we forgot the non-uppercased fallback variable name
`CPACK_RPM_<COMPONENT>_FILE_NAME`. Add it now.
The fix in commit commit v3.6.0-rc1~82^2 (Drop find_(library|file|path)
prefixes from PATH on non-Windows, 2016-05-09) aggressively dropped
search of the entries in PATH itself in addition to the prefixes derived
from it. This regresses find modules that (incorrectly) depended on the
behavior, including some of our own modules such as FindImageMagick.
Restore the search of entries in PATH itself. If we want to drop it
later we will need to do so with a policy. Fixes#16192.
Inside `git filter-branch --tree-filter` we must format all tracked
files because formatting of the tree for each commit is independent
from earlier commits.
Revert commit v3.6.0-rc1~160^2 (try_compile: Honor
CMAKE_<LANG>_FLAGS_<CONFIG> changes, 2016-04-11). The behavior it
introduced can break projects that depend on the lack of such behavior.
We will have to introduce a policy or other mechanism to enable the
behavior in a compatible way. Simply revert it for now.
See issue #16174.
In commit v3.6.0-rc1~174^2 (Ninja: Honor CMAKE_NINJA_FORCE_RESPONSE_FILE
for compile rules, 2016-04-06), Ninja learned to look for
`CMAKE_NINJA_FORCE_RESPONSE_FILE` in the current scope or the
environment in order to force response file usage for all compilation
rules.
However, on Windows, the RC compiler goes through cmcldeps which does a
`replace(output, output + ".dep.obj")` on the command line. However,
with a response file (which we name `output + ".rsp"`), the response
file path is replaced instead causing the compiler to (correctly)
complain that the response file `output + ".dep.obj.rsp"` does not
exist.
What needs to happen is for cmcldeps to look through the response file,
replace *its* contents and place it in the `output + ".dep.obj.rsp"`
file.
Also add a test which actually compiles an RC file into a library and
executable for all generators on Windows and additionally test
`CMAKE_NINJA_FORCE_RESPONSE_FILE` for Ninja generators.
Fixes#16167.
Brad King
Curl Upstream
Justin Clift
Chuck Atkins
Alex Turbov
Konstantin Podsvirov
O Libre
Gregor Jasny
Ben Boeckel
Robert Maynard
Bartosz Kosiorek
Rolf Eike Beer