From 02599650b1ce9e53c837c29db5002e07337a20ab Mon Sep 17 00:00:00 2001
From: Jim Meyering <jim@meyering.net>
Date: Sun, 20 May 2007 14:45:38 +0200
Subject: stty: diagnose an invalid hex value in 35-colon commmand-line
 argument * NEWS: Mention this. * src/stty.c (strtoul_tcflag_t, strtoul_cc_t):
 New functions. (recover_mode): Use those functions (not sscanf), to parse the
 string robustly. * tests/stty/invalid: New file.  Test for the above. *
 tests/stty/Makefile.am (TESTS): Add invalid. * .x-sc_prohibit_atoi_atof:
 Don't exempt stty.c from this check. Add tests/stty/invalid so we don't have
 to obfuscate the comment about sscanf therein. * Makefile.maint
 (sc_prohibit_atoi_atof): Mention sscanf in the diagnostic, too.

---
 NEWS | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 2a2310892..0000a2bf7 100644
--- a/NEWS
+++ b/NEWS
@@ -30,6 +30,11 @@ GNU coreutils NEWS                                    -*- outline -*-
   tr -c no longer aborts when translating with Set2 larger than the
   complement of Set1.  [introduced with the original version, in 1992]
 
+** Improved robustness
+
+  stty no longer silently accepts certain invalid hex values
+  in its 35-colon commmand-line argument
+
 
 * Noteworthy changes in release 6.9 (2007-03-22) [stable]
 
-- 
cgit v1.2.3-70-g09d2