GNOME Bugzilla – Bug 583940
GZIP variable is dangerous
Last modified: 2019-03-23 20:48:25 UTC
plugins/taglist/Makefile.am has a line: $(GZIP) --best -f $(@:.gz=) The gzip(1) man page says: ENVIRONMENT If the environment variable GZIP is set, it is parsed as a white-space separated list of options handled before any options on the command line. Options on the command line will override anything in GZIP. Thus, if GZIP is e.g. /usr/bin/gzip, this line gets expanded to /usr/bin/gzip /usr/bin/gzip --best -f ... and gzip gzips itself. The Makefile.in distributed with gedit-2.26.2 shows correct usage in multiple places, e.g.: shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz Please convert plugins/taglist/Makefile.am to that usage as well!
however GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz hardcodes the use of 'gzip' instead of using the $(GZIP) executable detected by configure... I wonder if that's ok and we should simply remove the AC_PATH_PROG(GZIP, gzip) from configure.ac
Perhaps GZIP=$(GZIP_ENV) $(GZIP) ... works?
It might look too obvious to be of use, but what about using AC_PATH_PROG(GZIPBIN, gzip) ?
well, what I meant is that if autotools is using plain 'gzip' in stuff it generates we can probably do the same...
Sorry for the delay... I took some time to think about it and then forgot :) I decided to use GZIP_ENV = -9 %.tags.gz: %.tags.xml.in $(INTLTOOL_MERGE) $(wildcard $(top_srcdir)/po/*.po) LC_ALL=C $(INTLTOOL_MERGE) $(top_srcdir)/po $< $(@:.gz=) -x -u -c $(top_builddir)/po/.intltool-merge-cache GZIP=$(GZIP_ENV) gzip -c $(@:.gz=) >$@ Since as I said autotools themselves seem to rely on gzip being available, so no need to detect it