Bug#650178: metis-edf: FTBFS with -Werror=format-security
Leo Iannacone
l3on at ubuntu.com
Sun Nov 27 11:56:45 UTC 2011
Subject: metis-edf: FTBFS with -Werror=format-security
Package: metis-edf
Severity: normal
-- System Information:
Package metis-edf fails to compile with the new hardened compiler
lags dpkg-buildflag outputs [1].
The problematic flag is: -Werror=format-security
See the ubuntu buildlog:
https://launchpad.net/ubuntu/+source/metis-edf/4.1-2-1/+build/2862546/+files/buildlog_ubuntu-precise-i386.metis-edf_4.1-2-1_FAILEDTOBUILD.txt.gz
Snippet:
gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Wformat-security -g -O2 -fstack-protector --param=ssp-buffer-size=4
-Wformat -Wformat-security -Werror=format-security -Wall -fPIC -DPIC
-I. -c util.c
util.c: In function '__errexit':
util.c:31:4: error: format not a string literal and no format
arguments [-Werror=format-security]
cc1: some warnings being treated as errors
The buildflags are not exported in debian, but can be enabled e.g. by
adding this to debian/rules:
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
The problem could be solved with:
--- metis-edf-4.1-2.orig/Lib/util.c
+++ metis-edf-4.1-2/Lib/util.c
@@ -28,7 +28,7 @@
sprintf(out2, "Error! %s", out1);
- fprintf(stdout, out2);
+ fprintf(stdout, "%s", out2);
fflush(stdout);
abort();
Please, apply this patch as soon as possible.
Best regards,
Leo Iannacone
[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
** Please type your report below this line ***
Debian Release: wheezy/sid
APT prefers oneiric-updates
APT policy: (500, 'oneiric-updates'), (500, 'oneiric'), (100,
'oneiric-backports')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-13-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the debian-science-maintainers
mailing list