diff options
| author | David Kraeutmann <kane@kane.cx> | 2015-09-08 11:35:33 -0500 |
|---|---|---|
| committer | Austin Seipp <austin@well-typed.com> | 2015-09-08 11:35:59 -0500 |
| commit | 4356dacb4a2ae29dfbd7126b25b72d89bb9db1b0 (patch) | |
| tree | 9d118c4eb0733cd134359efe95e6847d91688abf | |
| parent | dbb4e415126aceb603da0fbf657372389a47e466 (diff) | |
| download | haskell-4356dacb4a2ae29dfbd7126b25b72d89bb9db1b0.tar.gz | |
Forbid annotations when Safe Haskell safe mode is enabled.
For now, this fails compliation immediately with an error. If desired, this
can be a warning that annotations in Safe Haskell are ignored.
Signed-off-by: David Kraeutmann <kane@kane.cx>
Reviewed By: goldfire, austin
Differential Revision: https://phabricator.haskell.org/D1226
GHC Trac Issues: #10826
| -rw-r--r-- | compiler/typecheck/TcAnnotations.hs | 11 | ||||
| -rw-r--r-- | docs/users_guide/7.12.1-notes.xml | 9 | ||||
| -rw-r--r-- | docs/users_guide/safe_haskell.xml | 6 | ||||
| -rw-r--r-- | testsuite/tests/annotations/should_fail/T10826.hs | 7 | ||||
| -rw-r--r-- | testsuite/tests/annotations/should_fail/T10826.stderr | 6 | ||||
| -rw-r--r-- | testsuite/tests/annotations/should_fail/all.T | 2 |
6 files changed, 39 insertions, 2 deletions
diff --git a/compiler/typecheck/TcAnnotations.hs b/compiler/typecheck/TcAnnotations.hs index 474630b789..688a1e9370 100644 --- a/compiler/typecheck/TcAnnotations.hs +++ b/compiler/typecheck/TcAnnotations.hs @@ -12,6 +12,8 @@ module TcAnnotations ( tcAnnotations, annCtxt ) where #ifdef GHCI import {-# SOURCE #-} TcSplice ( runAnnotation ) import Module +import DynFlags +import Control.Monad ( when ) #endif import HsSyn @@ -47,7 +49,14 @@ tcAnnotation (L loc ann@(HsAnnotation _ provenance expr)) = do let target = annProvenanceToTarget mod provenance -- Run that annotation and construct the full Annotation data structure - setSrcSpan loc $ addErrCtxt (annCtxt ann) $ runAnnotation target expr + setSrcSpan loc $ addErrCtxt (annCtxt ann) $ do + -- See #10826 -- Annotations allow one to bypass Safe Haskell. + dflags <- getDynFlags + when (safeLanguageOn dflags) $ failWithTc safeHsErr + runAnnotation target expr + where + safeHsErr = vcat [ ptext (sLit "Annotations are not compatible with Safe Haskell.") + , ptext (sLit "See https://ghc.haskell.org/trac/ghc/ticket/10826") ] annProvenanceToTarget :: Module -> AnnProvenance Name -> AnnTarget Name annProvenanceToTarget _ (ValueAnnProvenance (L _ name)) = NamedTarget name diff --git a/docs/users_guide/7.12.1-notes.xml b/docs/users_guide/7.12.1-notes.xml index 5a6670df75..bc5c7afe8f 100644 --- a/docs/users_guide/7.12.1-notes.xml +++ b/docs/users_guide/7.12.1-notes.xml @@ -100,6 +100,15 @@ See <xref linkend="injective-ty-fams"/> for details. </para> </listitem> + + <listitem> + <para> + Due to a <ulink href="https://ghc.haskell.org/trac/ghc/ticket/10826"> + security issue + </ulink>, Safe Haskell now forbids annotations in programs marked as + <literal>-XSafe</literal> + </para> + </listitem> </itemizedlist> </sect3> diff --git a/docs/users_guide/safe_haskell.xml b/docs/users_guide/safe_haskell.xml index 814f5c9f20..f9bcf549bc 100644 --- a/docs/users_guide/safe_haskell.xml +++ b/docs/users_guide/safe_haskell.xml @@ -946,6 +946,12 @@ Wiki</ulink>. </para> + <para> + Additionally, the use of <link linkend="annotations">annotations</link> + is forbidden, as that would allow bypassing Safe Haskell restrictions. + See <ulink url="https://ghc.haskell.org/trac/ghc/ticket/10826">ticket #10826</ulink>. + </para> + </sect2> </sect1> diff --git a/testsuite/tests/annotations/should_fail/T10826.hs b/testsuite/tests/annotations/should_fail/T10826.hs new file mode 100644 index 0000000000..cddf33ca6f --- /dev/null +++ b/testsuite/tests/annotations/should_fail/T10826.hs @@ -0,0 +1,7 @@ +{-# LANGUAGE Safe #-} +module Test (hook) where + +import System.IO.Unsafe + +{-# ANN hook (unsafePerformIO (putStrLn "Woops.")) #-} +hook = undefined diff --git a/testsuite/tests/annotations/should_fail/T10826.stderr b/testsuite/tests/annotations/should_fail/T10826.stderr new file mode 100644 index 0000000000..0e2bed5d8b --- /dev/null +++ b/testsuite/tests/annotations/should_fail/T10826.stderr @@ -0,0 +1,6 @@ + +T10826.hs:6:1: error: + Annotations are not compatible with Safe Haskell. + See https://ghc.haskell.org/trac/ghc/ticket/10826 + In the annotation: + {-# ANN hook (unsafePerformIO (putStrLn "Woops.")) #-} diff --git a/testsuite/tests/annotations/should_fail/all.T b/testsuite/tests/annotations/should_fail/all.T index 21eaa765c3..0b10d8394a 100644 --- a/testsuite/tests/annotations/should_fail/all.T +++ b/testsuite/tests/annotations/should_fail/all.T @@ -18,7 +18,7 @@ test('annfail10', req_interp, compile_fail, ['']) test('annfail11', normal, compile_fail, ['']) test('annfail12', req_interp, compile_fail, ['-v0']) test('annfail13', normal, compile_fail, ['']) - +test('T10826', normal, compile_fail, ['']) """" Helpful things to C+P: |