[spatialite-gui] 08/10: Add patch to fix -Wformat & -Werror=format-security issues.

Sebastiaan Couwenberg sebastic at moszumanska.debian.org
Sat Jun 27 20:42:00 UTC 2015 

This is an automated email from the git hooks/post-receive script.

sebastic pushed a commit to branch experimental
in repository spatialite-gui.

commit f9f63e27339d4b07a5be6039bdb4ecad40807097
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date:   Sat Jun 27 21:33:55 2015 +0200

    Add patch to fix -Wformat & -Werror=format-security issues.
---
 debian/changelog                     |  1 +
 debian/patches/format-security.patch | 91 ++++++++++++++++++++++++++++++++++++
 debian/patches/series                |  1 +
 3 files changed, 93 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index ecf734b..69e6520 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,7 @@ spatialite-gui (2.0.0~devel1-1) UNRELEASED; urgency=medium
   * Drop patches applied upstream, refresh remaining patches.
   * Bump minimum required libspatialite-dev to 4.3.0~rc1.
   * Bump minimum required librasterlite2-dev to 1.0.0~rc0+devel.
+  * Add patch to fix -Wformat & -Werror=format-security issues.
 
  -- Bas Couwenberg <sebastic at debian.org>  Sat, 27 Jun 2015 16:37:31 +0200
 
diff --git a/debian/patches/format-security.patch b/debian/patches/format-security.patch
new file mode 100644
index 0000000..703ca77
--- /dev/null
+++ b/debian/patches/format-security.patch
@@ -0,0 +1,91 @@
+Description: Fix -Wformat & -Werror=format-security issues.
+ Some examples of the issues:
+ .
+  Styles.cpp: In member function 'void ReloadVectorStyleDialog::OnOk(wxCommandEvent&)':
+  Styles.cpp:2838:36: warning: format '%d' expects argument of type 'int', but argument 3 has type 'long int' [-Wformat=]
+         sprintf(dummy, "%d", style_id);
+ .
+  Styles.cpp: In member function 'VectorCoverageSRIDsList* MyFrame::FindVectorAlternativeSRIDs(wxString&)':
+  Styles.cpp:3959:33: error: format not a string literal and no format arguments [-Werror=format-security]
+     sprintf(cvg, coverage.ToUTF8());
+Author: Bas Couwenberg <sebastic at debian.org>
+Forwarded: https://groups.google.com/d/msg/spatialite-users/su34eCaUKrI/9M4RMsKR6i0J
+
+--- a/Styles.cpp
++++ b/Styles.cpp
+@@ -2835,7 +2835,7 @@ void ReloadVectorStyleDialog::OnOk(wxCom
+   if (MainFrame->ValidateVectorStyle(Path.ToUTF8(), &blob, &blob_size) == true)
+     {
+       char dummy[80];
+-      sprintf(dummy, "%d", style_id);
++      sprintf(dummy, "%ld", style_id);
+       if (DoReloadVectorStyle(style_id, blob, blob_size) == true)
+         {
+           ::wxEndBusyCursor();
+@@ -3047,7 +3047,7 @@ void ReloadRasterStyleDialog::OnOk(wxCom
+   if (MainFrame->ValidateRasterStyle(Path.ToUTF8(), &blob, &blob_size) == true)
+     {
+       char dummy[80];
+-      sprintf(dummy, "%d", style_id);
++      sprintf(dummy, "%ld", style_id);
+       if (DoReloadRasterStyle(style_id, blob, blob_size) == true)
+         {
+           ::wxEndBusyCursor();
+@@ -3284,7 +3284,7 @@ void UnregisterRasterStyleDialog::OnOk(w
+     }
+   ::wxBeginBusyCursor();
+   char dummy[80];
+-  sprintf(dummy, "%d", style_id);
++  sprintf(dummy, "%ld", style_id);
+   if (DoCheckUnreferencedRasterStyle(style_id) == true)
+     {
+       if (DoUnregisterRasterStyle(style_id) == true)
+@@ -3526,7 +3526,7 @@ void UnregisterVectorStyleDialog::OnOk(w
+     }
+   ::wxBeginBusyCursor();
+   char dummy[80];
+-  sprintf(dummy, "%d", style_id);
++  sprintf(dummy, "%ld", style_id);
+   if (DoCheckUnreferencedVectorStyle(style_id) == true)
+     {
+       if (DoUnregisterVectorStyle(style_id) == true)
+@@ -3956,7 +3956,8 @@ VectorCoverageSRIDsList *MyFrame::FindVe
+   char *sql;
+   char cvg[1024];
+ 
+-  sprintf(cvg, coverage.ToUTF8());
++  wxCharBuffer buffer=coverage.ToUTF8();
++  sprintf(cvg, "%s", buffer.data());
+   sql =
+     sqlite3_mprintf
+     ("SELECT 1, s.srid, s.auth_name, s.auth_srid, s.ref_sys_name FROM vector_coverages AS v "
+@@ -4337,7 +4338,8 @@ VectorCoverageKeywordsList *MyFrame::Fin
+   char *sql;
+   char cvg[1024];
+ 
+-  sprintf(cvg, coverage.ToUTF8());
++  wxCharBuffer buffer=coverage.ToUTF8();
++  sprintf(cvg, "%s", buffer.data());
+   sql =
+     sqlite3_mprintf
+     ("SELECT keyword FROM vector_coverages_keyword WHERE coverage_name = %Q ORDER BY 1",
+@@ -4767,7 +4769,8 @@ RasterCoverageSRIDsList *MyFrame::FindRa
+   char *sql;
+   char cvg[1024];
+ 
+-  sprintf(cvg, coverage.ToUTF8());
++  wxCharBuffer buffer=coverage.ToUTF8();
++  sprintf(cvg, "%s", buffer.data());
+   sql =
+     sqlite3_mprintf
+     ("SELECT 1, s.srid, s.auth_name, s.auth_srid, s.ref_sys_name FROM raster_coverages AS v "
+@@ -5147,7 +5150,8 @@ RasterCoverageKeywordsList *MyFrame::Fin
+   char *sql;
+   char cvg[1024];
+ 
+-  sprintf(cvg, coverage.ToUTF8());
++  wxCharBuffer buffer=coverage.ToUTF8();
++  sprintf(cvg, "%s", buffer.data());
+   sql =
+     sqlite3_mprintf
+     ("SELECT keyword FROM raster_coverages_keyword WHERE coverage_name = %Q ORDER BY 1",
diff --git a/debian/patches/series b/debian/patches/series
index 1e9839c..80846e8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 01-fix_binary_name.patch
+format-security.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/spatialite-gui.git

More information about the Pkg-grass-devel mailing list