* module/ice-9/arrays.scm (array-copy): New function, export.
* module/Makefile.am: Install (ice-9 arrays).
* doc/ref/api-data.texi: Add documentation for (ice-9 arrays).
* libguile/quicksort.i.c: Use signed bounds throughout.
* libguile/sort.c (scm_restricted_vector_sort_x): Fix error calls. Fix
calls to quicksort.
* test-suite/tests/sort.test: Actually test that the sorted results
match the original data. Test cases for non-zero base index arrays for
sort, sort!, and stable-sort!.
* libguile/struct.h (SCM_VTABLE_BASE_LAYOUT): Layout is a "pr" field.
* module/ice-9/boot-9.scm (record-type-vtable): Record vtable fields are
writable.
(<parameter>): "pw" fields.
* module/oop/goops.scm (<class>, %compute-layout): <read-only> fields
are "pw" underneath.
* module/rnrs/records/procedural.scm (record-type-vtable)
(record-constructor-vtable, make-record-type-descriptor): Use "pw"
fields in vtables.
* module/srfi/srfi-35.scm (%condition-type-vtable)
(struct-layout-for-condition): "pw" fields in vtables.
* test-suite/tests/goops.test:
* test-suite/tests/structs.test: Use "pw" fields only.
* benchmark-suite/benchmarks/structs.bm: Update for make-struct/no-tail,
to use pw fields, and also to remove useless tests that the compiler
would optimize away.
* doc/ref/api-data.texi (Vtables): Add a note about the now-vestigial
permissions character and update documentation.
(Structure Basics, Meta-Vtables): Update examples.
* libguile/hash.c (scm_i_struct_hash): Remove code that would handle
opaque/self fields.
* libguile/print.h (SCM_PRINT_STATE_LAYOUT): Use "pw" fields.
* libguile/struct.c (scm_struct_init): Simplify check for hidden
fields.
* libguile/values.c (scm_init_values): Field is "pw".
* libguile/print.h (SCM_PRINT_STATE_LAYOUT): Use a normal slot instead
of a self slot.
* libguile/print.c (make_print_state): Initialize "handle" slot
manually.
* libguile/struct.c (issue_deprecation_warning_for_self_slots): New
helper, called when making vtables to issue deprecation warnings for
"self" slots. Avoids warning for the "self" slot that's part of the
fixed vtable slots.
(scm_i_struct_inherit_vtable_magic): Call
issue_deprecation_warning_for_self_slots.
* doc/ref/api-data.texi (Vtables, Structure Basics): Remove references
to self slots.
* NEWS: Add entry.
* doc/ref/goops.texi (Redefinable Classes): New subsection.
(Default Class Redefinition Behaviour)
(Changing the Class of an Instance): Update for class redefinition
change.
* NEWS: Add 2.3.0 section.
This is a followup to commit 42f7c01e0a.
Reported by Adriano Peluso <catonano@gmail.com>.
* doc/ref/api-foreign.texi (Foreign Types): Add missing entries for
'short' and 'unsigned-short'.
Based on a patch by Daniel Hartwig <mandyke@gmail.com>.
* NEWS: Update.
* doc/ref/web.texi (URIs): Fragments are properly part of a URI, so
remove the incorrect note. Add documentation on URI subtypes.
* module/web/uri.scm (uri-reference?): New base type predicate.
(uri?, relative-ref?): Specific predicates.
(validate-uri-reference): Strict validation.
(validate-uri, validate-relative-ref): Specific validators.
(build-uri-reference, build-relative-ref): New constructors.
(string->uri-reference): Rename from string->uri.
(string->uri, string->relative-ref): Specific constructors.
(uri->string): Add #:include-fragment? keyword argument.
* module/web/http.scm (parse-request-uri): Use `build-uri-reference',
and result is a URI-reference, not URI, object. No longer infer an
absent `uri-scheme' is `http'.
(write-uri): Just use `uri->string'.
(declare-uri-header!): Remove unused function.
(declare-uri-reference-header!): Update. Rename from
`declare-relative-uri-header!'.
* test-suite/tests/web-uri.test ("build-uri-reference"):
("string->uri-reference"): Add.
("uri->string"): Also tests for relative-refs.
* test-suite/tests/web-http.test ("read-request-line"):
("write-request-line"): Update for no scheme in some URIs.
("entity headers", "request headers"): Content-location, Referer, and
Location should also parse relative-URIs.
* test-suite/tests/web-request.test ("example-1"): Expect URI-reference
with no scheme.
* doc/ref/srfi-modules.texi (SRFI-19): SRFI-19 specifies proleptic use
of the Gregorian calendar, so it was incorrect of the documentation to
describe the code as erroneous in doing so. Rewrite the caution more
neutrally, and move it to the section about the "date" structure, where
it seems most relevant.
* module/ice-9/psyntax.scm (syntax?): Only recognize legacy syntax
objects if the new allow-legacy-syntax-objects? parameter is true.
* module/ice-9/boot-9.scm (allow-legacy-syntax-objects?): New
parameter.
* doc/ref/api-macros.texi (Syntax Transformer Helpers): Document the
horrible situation with legacy syntax objects.
* NEWS: Add entry.
* doc/ref/scheme-ideas.texi: the some way -> the same way
* doc/ref/scheme-intro.texi: Use @math inside a texinfo command (turns out
$math$ is not processed in this context and thus is not rendered correctly).
* doc/ref/vm.texi (Inlined Scheme Instructions): Add string-set!.
* libguile/vm-engine.c (string-set!): New opcode.
* module/ice-9/rdelim.scm (read-string): Reimplement in terms of a
geometrically growing list of strings, to reduce total heap usage when
reading big files.
* module/language/cps/compile-bytecode.scm (compile-function): Add
string-set! support.
* module/language/cps/types.scm (string-set!): Update for &u64 index.
* module/language/tree-il/compile-cps.scm (convert): Unbox index to
string-set!.
* module/system/vm/assembler.scm (system): Export string-set!.
* libguile/fluids.h (struct scm_dynamic_state): Add thread_local_values
table. Thread locals are flushed to a separate thread-local table.
The references are strong references since the table never escapes the
thread.
(scm_make_thread_local_fluid, scm_fluid_thread_local_p): New
functions.
* libguile/fluids.c (FLUID_F_THREAD_LOCAL):
(SCM_I_FLUID_THREAD_LOCAL_P): New macros.
(restore_dynamic_state): Add comment about precondition.
(save_dynamic_state): Flush thread locals.
(scm_i_fluid_print): Print thread locals nicely.
(new_fluid): Add flags arg.
(scm_make_fluid, scm_make_fluid_with_default, scm_make_unbound_fluid):
Adapt.
(scm_make_thread_local_fluid, scm_fluid_thread_local_p): New
functions.
(fluid_set_x): Special flushing logic for thread-locals.
(fluid_ref): Special cache miss logic for thread locals.
* libguile/stacks.c (scm_init_stacks):
* libguile/throw.c (scm_init_throw): %stacks and %exception-handler are
thread-locals.
* libguile/threads.c (guilify_self_2): Init thread locals table.
* test-suite/tests/fluids.test ("dynamic states"): Add test.
* doc/ref/api-control.texi (Fluids and Dynamic States): Add link to
Thread-Local Variables.
* doc/ref/api-scheduling.texi (Thread Local Variables): Update with real
thread-locals.
* NEWS: Update.
* doc/ref/api-foreign.text (dynamic-link): document problems with recursive DLLs.
* test-suite/standalone/test-ffi (global): with Cygwin, dynamic-link C library explicitly
* test-suite/standalone/test-foreign-object-scm (libc-ptr): with Cygwin, link C library explicitly
* test-suite/tests/foreign.test (qsort): with Cygwin, link C library explicitly
* doc/ref/guile-invoke.texi, doc/ref/scheme-scripts.texi:
describe the -e (module) shorthand as on equal footing with (@ ...)
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This feature was removed by 4aead68cdb.
* module/ice-9/i18n.scm (number-decimal-string): Rewrite the case where
DIGIT-COUNT is not an integer.
(number->locale-string): Always pass FRACTION-DIGITS to
'number-decimal-string'.
* test-suite/tests/format.test ("~h localized number")["1234.5"]
["padding", "padchar"]: Remove decimal specifier.
* test-suite/tests/i18n.test ("number->locale-string")
["fraction",
* test-suite/tests/i18n.test ("format ~h")["12 345,678"]: Remove decimal
specifier. Remove one decimal.
* doc/ref/api-i18n.texi (Number Input and Output): Update
'number->locale-string' doc to mention the number of decimals.
Reported by Christopher Allan Webber <cwebber@dustycloud.org>
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This commit adds protection to Guile's REPL servers against HTTP
inter-protocol exploitation attacks, a scenario whereby an attacker can,
via an HTML page, cause a web browser to send data to TCP servers
listening on a loopback interface or private network. See
<https://en.wikipedia.org/wiki/Inter-protocol_exploitation> and
<https://www.jochentopf.com/hfpa/hfpa.pdf>, The HTML Form Protocol
Attack (2001) by Tochen Topf <jochen@remote.org>.
Here we add a procedure to 'before-read-hook' that looks for a possible
HTTP request-line in the first line of input from the client socket. If
present, the socket is drained and closed, and a loud warning is written
to stderr (POSIX file descriptor 2).
* module/system/repl/server.scm: Add 'maybe-check-for-http-request'
to 'before-read-hook' when this module is loaded.
(with-temporary-port-encoding, with-saved-port-line+column)
(drain-input-and-close, permissive-http-request-line?)
(check-for-http-request, guard-against-http-request)
(maybe-check-for-http-request): New procedures.
(serve-client): Use 'guard-against-http-request'.
* module/system/repl/coop-server.scm (start-repl-client): Use
'guard-against-http-request'.
* doc/ref/guile-invoke.texi (Command-line Options): In the description
of the --listen option, make the security warning more prominent.
Mention the new protection added here. Recommend using UNIX domain
sockets for REPL servers. "a path to" => "the file name of".
Fixes <http://bugs.gnu.org/24659>.
* libguile/filesys.c (SCM_DEFINE): Remove calls to 'umask' when MODE is
unbound; instead, use 0777 as the mode. Update docstring to clarify
this.
* doc/ref/posix.texi (File System): Adjust accordingly.
* NEWS: Mention it.
* doc/ref/posix.texi (Ports and File Descriptors): Update.
* libguile/filesys.c (scm_select): Use scm_std_select so that pending
interrupts can be delivered. On EINTR or EAGAIN, just return directly
so that calling Scheme code can run asyncs.
