* module/ice-9/psyntax.scm (syntax?): Only recognize legacy syntax
objects if the new allow-legacy-syntax-objects? parameter is true.
* module/ice-9/boot-9.scm (allow-legacy-syntax-objects?): New
parameter.
* doc/ref/api-macros.texi (Syntax Transformer Helpers): Document the
horrible situation with legacy syntax objects.
* NEWS: Add entry.
* module/ice-9/psyntax.scm (make-syntax-object): Change to make
new-style syntax objects.
* module/ice-9/psyntax-pp.scm: Regenerate.
* module/ice-9/compile-psyntax.scm (squeeze-syntax-object): Change to be
functional.
(squeeze-constant): Likewise.
(squeeze-tree-il): Likewise.
(translate-literal-syntax-objects): New pass. The compiler can embed
literal syntax objects into compiled objects, but syntax can no longer
be read/written; otherwise users could forge syntax objects. So for
the bootstrap phase, rewrite literal constants to calls to
make-syntax.
* libguile/Makefile.am (libguile_@GUILE_EFFECTIVE_VERSION@_la_SOURCES):
(DOT_X_FILES, DOT_DOC_FILES, noinst_HEADERS): Add syntax.c and
syntax.h.
* libguile/evalext.c (scm_self_evaluating_p):
* libguile/goops.c (class_syntax, scm_class_of, scm_goops_early_init):
* libguile/init.c (scm_init_guile):
* libguile/print.c (iprin1):
* libguile/tags.h (scm_tc7_syntax):
* module/oop/goops.scm (<syntax>):
* module/system/base/types.scm (%tc7-syntax, cell->object):
* module/system/vm/disassembler.scm (code-annotation): Wire up the new
data type.
* libguile/syntax.c:
* libguile/syntax.h: New files.
* module/ice-9/boot-9.scm: Move new definitions to (system syntax
internal).
* module/system/syntax.scm (print-syntax): New helper.
* module/system/vm/assembler.scm (statically-allocatable?)
(intern-constant, link-data): Arrange to be able to write syntax
objects into images.
* module/language/cps/types.scm (&syntax): New type. Remove
&hash-table; it was never detected, an internal binding, and we need
the bit to avoid going into bignum territory.
* module/ice-9/psyntax.scm (%syntax-module): Rename from syntax-module
in order to make room for a new syntax-module primitive binding.
* module/ice-9/psyntax-pp.scm: Regenerate.
* module/ice-9/boot-9.scm: Push syntax bindings into an internal
module.
* module/system/syntax.scm: New file.
* module/Makefile.am (SOURCES): Add system/syntax.scm.
* module/language/cps/effects-analysis.scm (expression-effects): Prompts
cause &all-effects. I tried to limit this change to CSE but it was
actually LICM that was borked, so better to be conservative
* test-suite/tests/control.test ("escape-only continuations"): Add
test.
* doc/ref/vm.texi (Inlined Scheme Instructions): Add string-set!.
* libguile/vm-engine.c (string-set!): New opcode.
* module/ice-9/rdelim.scm (read-string): Reimplement in terms of a
geometrically growing list of strings, to reduce total heap usage when
reading big files.
* module/language/cps/compile-bytecode.scm (compile-function): Add
string-set! support.
* module/language/cps/types.scm (string-set!): Update for &u64 index.
* module/language/tree-il/compile-cps.scm (convert): Unbox index to
string-set!.
* module/system/vm/assembler.scm (system): Export string-set!.
This bug was introduced by 35a9059250.
* module/language/cps/specialize-numbers.scm (specialize-operations):
Check that both operands are real as a condition for
specialize-f64-comparison.
* test-suite/tests/numbers.test: Add test.
* module/language/cps/compile-bytecode.scm (compile-function): Check for
fallthrough after $kclause too; possible to need to jump if clause
tails are contified.
* module/language/cps/contification.scm (compute-contification-candidates):
Enable inter-clause contification.
* module/language/cps/compile-bytecode.scm (compile-function):
* module/language/cps/slot-allocation.scm ($allocation)
(lookup-nlocals, compute-frame-size, allocate-slots): Adapt to
have one frame size per function, for all clauses.
* module/system/vm/linker.scm (*lcm-page-size*): Rename
from *page-size*, change to 64 KB.
* libguile/loader.c (load_thunk_from_memory): Only require page size
alignment, knowing that although Guile might emit ELF with 64k
alignment, it only really needs page alignment.
Fixes <http://bugs.gnu.org/20272>.
* module/ice-9/boot-9.scm (module-generate-unique-id!)
(module-gensym): New procedures.
(module): Add 'next-unique-id' field.
(the-root-module): Inherit 'next-unique-id' value from early stub.
(make-module, make-autoload-interface): Adjust calls to
module-constructor.
* module/ice-9/psyntax.scm (gen-label, new-mark): Generate unique
identifiers from the module name and the per-module unique-id.
(build-lexical-var, generate-temporaries): Use
'module-gensym' instead of 'gensym'.
* module/ice-9/psyntax-pp.scm: Regenerate.
* module/language/tree-il/fix-letrec.scm (fix-letrec!): Use
'module-gensym' instead of 'gensym'.
* module/system/base/syntax.scm (define-record): Likewise.
(transform-record): Likewise.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This feature was removed by 4aead68cdb.
* module/ice-9/i18n.scm (number-decimal-string): Rewrite the case where
DIGIT-COUNT is not an integer.
(number->locale-string): Always pass FRACTION-DIGITS to
'number-decimal-string'.
* test-suite/tests/format.test ("~h localized number")["1234.5"]
["padding", "padchar"]: Remove decimal specifier.
* test-suite/tests/i18n.test ("number->locale-string")
["fraction",
* test-suite/tests/i18n.test ("format ~h")["12 345,678"]: Remove decimal
specifier. Remove one decimal.
* doc/ref/api-i18n.texi (Number Input and Output): Update
'number->locale-string' doc to mention the number of decimals.
Fixes <http://bugs.gnu.org/24990>.
Reported by Martin Michel <dev@famic.de>.
* module/ice-9/i18n.scm (integer->string, number-decimal-string): New
procedures.
(monetary-amount->locale-string): Use them instead of 'number->string'
followed by 'string-split'.
(number->locale-string): Likewise.
* test-suite/tests/i18n.test ("number->locale-string")["fraction"]: Add
second argument to 'number->locale-string'.
["fraction, 1 digit"]: Round up.
["fraction, 10 digits", "trailing zeros", "negative integer"]: New
tests.
* test-suite/tests/i18n.test ("format ~h"): Pass the number of decimals
for ~h.
("monetary-amount->locale-string")["French"]: Always expect two decimals
after the comma.
["one cent", "very little money"]: New tests.
* test-suite/tests/format.test ("~h localized number")["1234.5"]:
Specify the number of decimals explicitly.
["padding"]: Expect zero decimals.
["padchar"]: Ask for one decimal.
["decimals", "locale"]: Adjust rounding.
* module/system/base/target.scm (cpu-endianness, triplet-pointer-size):
Add case for "sh3".
Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reported by Christopher Allan Webber <cwebber@dustycloud.org>
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This commit adds protection to Guile's REPL servers against HTTP
inter-protocol exploitation attacks, a scenario whereby an attacker can,
via an HTML page, cause a web browser to send data to TCP servers
listening on a loopback interface or private network. See
<https://en.wikipedia.org/wiki/Inter-protocol_exploitation> and
<https://www.jochentopf.com/hfpa/hfpa.pdf>, The HTML Form Protocol
Attack (2001) by Tochen Topf <jochen@remote.org>.
Here we add a procedure to 'before-read-hook' that looks for a possible
HTTP request-line in the first line of input from the client socket. If
present, the socket is drained and closed, and a loud warning is written
to stderr (POSIX file descriptor 2).
* module/system/repl/server.scm: Add 'maybe-check-for-http-request'
to 'before-read-hook' when this module is loaded.
(with-temporary-port-encoding, with-saved-port-line+column)
(drain-input-and-close, permissive-http-request-line?)
(check-for-http-request, guard-against-http-request)
(maybe-check-for-http-request): New procedures.
(serve-client): Use 'guard-against-http-request'.
* module/system/repl/coop-server.scm (start-repl-client): Use
'guard-against-http-request'.
* doc/ref/guile-invoke.texi (Command-line Options): In the description
of the --listen option, make the security warning more prominent.
Mention the new protection added here. Recommend using UNIX domain
sockets for REPL servers. "a path to" => "the file name of".
* module/oop/goops.scm (%compute-layout): Fix class slot layout.
Before, a #:class that was an argument to #:allocation was getting
interpreted as a keyword with a value.
* test-suite/tests/goops.test ("#:class slot allocation"): Add test.
* module/rnrs/io/ports.scm (open-string-output-port): Calling the
get-string proc should flush the buffer and reset the file position.
* test-suite/tests/r6rs-ports.test ("8.2.10 Output ports"): Add tests.
Thanks to Freja Nordsiek for the report.
* libguile/vm-engine.c (bind-kwargs):
* libguile/vm.c (vm_error_kwargs_missing_value):
* libguile/eval.c (error_missing_value)
(prepare_boot_closure_env_for_apply): Adapt to mirror VM behavior.
* libguile/keywords.c (scm_c_bind_keyword_arguments): Likewise.
* module/ice-9/eval.scm (primitive-eval): Update to error on (foo #:kw)
with a "Keyword argument has no value" instead of the horrible "odd
argument list length". Also adapts to the expected args format for
the keyword-argument-error exception printer in all cases. Matches
1.8 optargs behavior also.
* test-suite/standalone/test-scm-c-bind-keyword-arguments.c (test_missing_value):
(missing_value_error_handler): Update test.
* test-suite/tests/optargs.test: Add tests.
* module/ice-9/boot-9.scm (define-module*): Process module imports after
module exports. Allows for an additional kind of circular module
imports (see https://bugs.gnu.org/15540).
* test-suite/tests/modules.test ("circular imports"): Add test.
* module/oop/goops.scm (multiple-arity-dispatcher): Fix dispatch for
max-arity+1 when a generic is already in multiple-arity dispatch.
Fixes#24454.
* test-suite/tests/goops.test ("dispatch"): Add test.
* module/language/cps/types.scm (define-binary-result!): Arithmetic
where one argument is a flonum may produce a complex.
* test-suite/tests/compiler.test: Add test.
* libguile/snarf.h (SCM_IMMUTABLE_STRINGBUF): Remove shared flag.
Stringbufs are immutable by default.
* libguile/strings.c: Rewrite blurb. Change to have stringbufs be
immutable by default and mutable only when marked as such. Going
mutable means making a private copy.
(STRINGBUF_MUTABLE, STRINGBUF_F_MUTABLE): New definitions.
(SET_STRINGBUF_SHARED): Remove.
(scm_i_print_stringbuf): Simplify to just alias the stringbuf as-is.
(substring_with_immutable_stringbuf): New helper.
(scm_i_substring, scm_i_substring_read_only, scm_i_substring_copy):
use new helper.
(scm_i_string_ensure_mutable_x): New helper.
(scm_i_substring_shared): Use scm_i_string_ensure_mutable_x.
(stringbuf_write_mutex): Remove; yaaaaaaaay.
(scm_i_string_start_writing): Use scm_i_string_ensure_mutable_x. No
more mutex.
(scm_i_string_stop_writing): Now a no-op.
(scm_i_make_symbol): Use substring/copy.
(scm_sys_string_dump, scm_sys_symbol_dump): Update.
* libguile/strings.h (SCM_I_STRINGBUF_F_SHARED): Remove.
(SCM_I_STRINGBUF_F_MUTABLE): Add.
* module/system/vm/assembler.scm (link-data): Don't add shared flag any
more. Existing compiled flags are harmless tho.
* test-suite/tests/strings.test ("string internals"): Update.
* module/web/http.scm (header-writer): Default to calling put-string.
(put-list): Rename from write-list, take the port first, and call the
put-item function with port then value. Adapt all callers.
(write-date): Rename display-digits to put-digits.
(put-challenge): Rename from write-challenge, adapt arguments to put
convention, and adapt callers.
(declare-symbol-list-header!): Use put-symbol.
(declare-integer-header!): Use put-non-negative-integer.o
(declare-entity-tag-list-header!): Use put-entity-tag-list.
("If-Range", "Etag"): Adapt to put-entity-tag.
(make-chunked-output-port): Use put-char.
* module/web/http.scm: Use put-string and other routines from (ice-9
textual-ports) in preference to `display'. The goal is for these
operations to be suspendable.
* module/web/http.scm: Modernize the Guile Scheme by using more match,
when, unless, and non-tail conversion. No functional change, with the
exception of fixing a bug in write-key-value-list for symbols like
100-continue that shouldn't print as #{100-continue}#.
* test-suite/tests/web-http.test (pass-if-only-parse):
(pass-if-reparse, pass-if-parse): Arrange to also serialize and
reparse values from pass-if-parse. Apply to all existing tests except
fragments where we don't expect fragments to be written out.
* module/ice-9/pretty-print.scm (print): In the array case, pass
#:inner? along to (print-sequence), unless we're at the last dimension
of the array.
Special case for 0-rank arrays, which cannot be empty and have no
length.
* test-suite/tests/print.test: Test some of the cases fixed by this
patch.
