[Debian-med-packaging] Bug#643465: readseq: FTBFS: readseq.c:338:3: error: format not a string literal and no format arguments [-Werror=format-security]
Didier Raboud
odyx at debian.org
Tue Sep 27 12:37:20 UTC 2011
Source: readseq
Version: 1-8
Severity: serious
Tags: wheezy sid
User: debian-qa at lists.debian.org
Usertags: qa-ftbfs-20110923 qa-ftbfs hardening-format-security hardening
Justification: FTBFS on amd64
Hi,
During a rebuild of all packages in sid, your package failed to build on
amd64.
Relevant part:
> gcc -o readseq -I/usr/include/ncbi -g -O2 -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wall -DNCBI -I/usr/include/ncbi -DARB readseq.c ureadseq.c ureadasn.c -lncbi -lncbiobj -lncbicdr -lncbiacc -lncbitool -lncbimmdb -lncbiid1 -lnetcli -lm
> readseq.c:184:0: warning: ignoring #pragma segment readseq [-Wunknown-pragmas]
> readseq.c: In function 'formatstr':
> readseq.c:267:27: warning: return discards 'const' qualifier from pointer target type [enabled by default]
> readseq.c:269:31: warning: return discards 'const' qualifier from pointer target type [enabled by default]
> readseq.c:273:8: warning: return discards 'const' qualifier from pointer target type [enabled by default]
> readseq.c: In function 'parseformat':
> readseq.c:288:5: warning: suggest parentheses around comparison in operand of '|' [-Wparentheses]
> readseq.c: In function 'usage':
> readseq.c:338:3: error: format not a string literal and no format arguments [-Werror=format-security]
> readseq.c: In function 'readopt':
> readseq.c:497:14: warning: unused variable 'slen' [-Wunused-variable]
> readseq.c: In function 'Nlm_Main':
> readseq.c:936:13: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:938:13: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> readseq.c:981:17: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> readseq.c:981:17: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:981:17: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> readseq.c:991:15: error: format not a string literal and no format arguments [-Werror=format-security]
> readseq.c:998:19: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> readseq.c:998:19: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:999:19: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> readseq.c:999:19: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:1118:19: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:1118:19: warning: format '%d' expects argument of type 'int', but argument 6 has type 'long unsigned int' [-Wformat]
> readseq.c:1133:5: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:1134:5: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:1158:9: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> readseq.c:734:51: warning: variable 'progname' set but not used [-Wunused-but-set-variable]
> readseq.c:783:11: warning: ignoring return value of 'tmpnam', declared with attribute warn_unused_result [-Wunused-result]
> readseq.c:801:9: warning: ignoring return value of 'gets', declared with attribute warn_unused_result [-Wunused-result]
> readseq.c:865:11: warning: ignoring return value of 'gets', declared with attribute warn_unused_result [-Wunused-result]
> readseq.c:911:13: warning: ignoring return value of 'gets', declared with attribute warn_unused_result [-Wunused-result]
> readseq.c:937:20: warning: ignoring return value of 'freopen', declared with attribute warn_unused_result [-Wunused-result]
> readseq.c: In function 'chooseFormat':
> readseq.c:429:12: warning: ignoring return value of 'fgets', declared with attribute warn_unused_result [-Wunused-result]
> cc1: some warnings being treated as errors
>
> ureadseq.c:30:0: warning: ignoring #pragma segment ureadseq [-Wunknown-pragmas]
> ureadseq.c: In function 'readLINALL':
> ureadseq.c:520:7: warning: unused variable 'i' [-Wunused-variable]
> ureadseq.c: In function 'readUWGCG':
> ureadseq.c:613:3: warning: suggest parentheses around assignment used as truth value [-Wparentheses]
> ureadseq.c:614:3: warning: suggest parentheses around assignment used as truth value [-Wparentheses]
> ureadseq.c: In function 'readOlsen':
> ureadseq.c:658:9: warning: suggest parentheses around assignment used as truth value [-Wparentheses]
> ureadseq.c:669:5: warning: suggest parentheses around assignment used as truth value [-Wparentheses]
> ureadseq.c: In function 'readMSF':
> ureadseq.c:713:11: warning: unused variable 'atseq' [-Wunused-variable]
> ureadseq.c: In function 'readPAUPinterleaved':
> ureadseq.c:776:11: warning: unused variable 'atseq' [-Wunused-variable]
> ureadseq.c: In function 'seqFileFormatFp':
> ureadseq.c:1535:5: warning: format '%d' expects argument of type 'int *', but argument 3 has type 'long int *' [-Wformat]
> ureadseq.c:1535:5: warning: format '%d' expects argument of type 'int *', but argument 4 has type 'long int *' [-Wformat]
> ureadseq.c:1262:13: warning: unused variable 'foundDNA' [-Wunused-variable]
> ureadseq.c: In function 'writeSeq':
> ureadseq.c:1784:3: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> ureadseq.c:1813:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1814:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1814:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1828:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1828:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1838:7: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> ureadseq.c:1848:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1848:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1857:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1857:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1858:7: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> ureadseq.c:1869:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1869:7: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1878:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1878:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1884:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1884:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1915:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1937:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1937:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1954:9: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1954:9: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1961:21: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1961:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1972:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:1972:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:1979:2: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> ureadseq.c:2002:7: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
> ureadseq.c:2002:7: warning: format '%X' expects argument of type 'unsigned int', but argument 5 has type 'long unsigned int' [-Wformat]
> ureadseq.c:2043:9: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat]
> In file included from /usr/include/string.h:642:0,
> from ureadseq.c:24:
> In function 'strcpy',
> inlined from 'writeSeq' at ureadseq.c:1925:13:
> /usr/include/x86_64-linux-gnu/bits/string3.h:105:3: warning: call to __builtin___strcpy_chk will always overflow destination buffer [enabled by default]
> ureadasn.c:19:0: warning: ignoring #pragma segment ureadasn [-Wunknown-pragmas]
> ureadasn.c: In function 'listASNSeqs':
> ureadasn.c:189:3: warning: passing argument 1 of 'AsnIoOpen' discards 'const' qualifier from pointer target type [enabled by default]
> /usr/include/ncbi/asn.h:354:29: note: expected 'Nlm_CharPtr' but argument is of type 'const char *'
> ureadasn.c: In function 'readASNSeq':
> ureadasn.c:261:3: warning: passing argument 1 of 'AsnIoOpen' discards 'const' qualifier from pointer target type [enabled by default]
> /usr/include/ncbi/asn.h:354:29: note: expected 'Nlm_CharPtr' but argument is of type 'const char *'
> ureadasn.c:262:36: warning: ignoring return value of 'fgets', declared with attribute warn_unused_result [-Wunused-result]
> ureadasn.c: In function 'listASNSeqs':
> ureadasn.c:190:36: warning: ignoring return value of 'fgets', declared with attribute warn_unused_result [-Wunused-result]
> In file included from /usr/include/stdio.h:930:0,
> from ureadasn.c:8:
> In function 'fgets',
> inlined from 'readASNSeq' at ureadasn.c:262:36:
> /usr/include/x86_64-linux-gnu/bits/stdio2.h:253:2: warning: call to '__fgets_chk_warn' declared with attribute warning: fgets called with bigger size than length of destination buffer [enabled by default]
> make[1]: *** [build] Error 1
The full build log is available from:
http://people.debian.org/~lucas/logs/2011/09/23/readseq_1-8_lsid64.buildlog
This happened because since dpkg 1.16.0 [0], hardening flags are enabled
under various conditions.
[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot. Internet was not
accessible from the build systems.
More information about the Debian-med-packaging
mailing list