compat 8 vs compat 9

Mon Aug 19 00:51:40 UTC 2013

2013/8/19 Sebastian Ramacher <sramacher at debian.org>

> On 2013-08-19 02:07:44, Jaromír Mikeš wrote:
> > 2013/8/19 Sebastian Ramacher <sramacher at debian.org>
> >
> > > On 2013-08-19 01:08:56, Jaromír Mikeš wrote:
> > > > I have two packages (jack-capture and yoshimi) which have FTBS with
> > > compat
> > > > 9.
> > > > What is difference between compat 8 and 9?
> > >
> > > The changes between the compat levels are listed in debhelper(7). Just
> > > search for COMPATIBILITY LEVELS.
> > >
> > > What are errors you're getting with compat level 9?
> > >
>
> So that's
>
>  "All of the dh_auto_* debhelper programs and dh set environment
>  variables listed by dpkg-buildflags, unless they are already set."
>
> and hardening kicking in. In general this should be fixed. For this
> particular error, there is a bit of information available in the wiki:
>
> https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_FORMAT_.28gcc.2Fg.2B-.2B-_-Wformat_-Wformat-security_-Werror.3Dformat-security.29
>
> Both errors look like they are easy to fix. They are both of the pattern
> printf(foo) where printf("%s", foo); should have been used instead.
>
> > Here is yoshimi build:
> >
> > /tmp/buildd/yoshimi-1.1.0/obj-
> > x86_64-linux-gnu/MasterUI.cxx: In member function 'void
> > MasterUI::do_load_master(bool, const char*)':
> > /tmp/buildd/yoshimi-1.1.0/obj-x86_64-linux-gnu/MasterUI.cxx:1121:39:
> error:
> > format not a string literal and no format arguments
> > [-Werror=format-security]
> > /tmp/buildd/yoshimi-1.1.0/obj-x86_64-linux-gnu/MasterUI.cxx:1124:39:
> error:
> > format not a string literal and no format arguments
> > [-Werror=format-security]
> > cc1plus: some warnings being treated as errors
> > make[3]: *** [CMakeFiles/yoshimi.dir/MasterUI.cxx.o] Error 1
>
> This can be fixed by using fl_alert("%s", msg.c_str()); instead.
>
> > Here jack-capture:
> >
> > gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
> > -Werror=format-security -O2 -DVERSION=\"0.9.71\" -Wall -Wextra
> -Wno-unused
> > jack_capture.c vringbuffer.c upwaker.c osc.c -o jack_capture -Wl,-z,relro
> > -ljack -lsndfile -lm -lpthread -lrt `cat config_flags`
> > jack_capture.c: In function 'autoincrease_callback':
> > jack_capture.c:336:49: warning: unused parameter 'vrb'
> [-Wunused-parameter]
> >  static int autoincrease_callback(
> > vringbuffer_t *vrb, bool first_call, int reading_size, int writing_size){
> >                                                  ^
> > jack_capture.c:336:75: warning: unused parameter 'reading_size'
> > [-Wunused-parameter]
> >  static int autoincrease_callback(vringbuffer_t *vrb, bool first_call,
> int
> > reading_size, int writing_size){
> >
>    ^
> > jack_capture.c: In function 'print_console':
> > jack_capture.c:663:9: error: format not a string literal and no format
> > arguments [-Werror=format-security]
> >          printf(vol);
> >          ^
> > jack_capture.c:671:9: error: format not a string literal and no format
>
> Here printf("%s", vol); should be enough.
>
> Hope that helps
>

Thanks !
I will try to fix it in in upcoming days ;)

mira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20130819/d30b0b23/attachment.html>