[gnome-continuous-yocto/gnomeostree-3.28-rocko: 5982/8267] libidn: Fix hardened build with musl



commit 5205a9c603eae081b83bc824d399e3ca0e606a81
Author: Khem Raj <raj khem gmail com>
Date:   Sun May 21 22:00:32 2017 -0700

    libidn: Fix hardened build with musl
    
    Re-introduce the patch that was deemed to be not needed
    but it infact is still needed with musl
    
    (From OE-Core rev: 3ba88c72e84c8c2a142b990b7547aa221f564d82)
    
    Signed-off-by: Khem Raj <raj khem gmail com>
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 .../libidn/0001-idn-format-security-warnings.patch |  181 ++++++++++++++++++++
 meta/recipes-extended/libidn/libidn_1.33.bb        |    1 +
 2 files changed, 182 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch 
b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
new file mode 100644
index 0000000..5adc7d9
--- /dev/null
+++ b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
@@ -0,0 +1,181 @@
+From 82f98dcbc429bbe89a9837c533cbcbc02e77c790 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik tycoint com>
+Date: Tue, 28 Jun 2016 12:43:31 +0100
+Subject: [PATCH] idn: fix printf() format security warnings
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+| ../../libidn-1.32/src/idn.c: In function 'main':
+| ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|        error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+|        ^~~~~
+| ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|      fprintf (stderr, _("Type each input string on a line by itself, "
+|      ^~~~~~~
+| ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|     error (EXIT_FAILURE, errno, _("input error"));
+|     ^~~~~
+| ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|         _("could not convert from UTF-8 to UCS-4"));
+|         ^
+| ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|         _("could not convert from UTF-8 to UCS-4"));
+|         ^
+| ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|       _("could not convert from UTF-8 to UCS-4"));
+|       ^
+| ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|       _("could not convert from UCS-4 to UTF-8"));
+|       ^
+| ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|       _("could not convert from UCS-4 to UTF-8"));
+|       ^
+| ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|         _("could not convert from UCS-4 to UTF-8"));
+|         ^
+| ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|       _("could not convert from UTF-8 to UCS-4"));
+|       ^
+| ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|      _("could not convert from UTF-8 to UCS-4"));
+|      ^
+| ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|       error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
+|       ^~~~~
+| ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments 
[-Werror=format-security]
+|      _("could not convert from UTF-8 to UCS-4"));
+|      ^
+
+Signed-off-by: André Draszik <adraszik tycoint com>
+---
+Upstream-Status: Pending
+
+ src/idn.c | 27 ++++++++++++++-------------
+ 1 file changed, 14 insertions(+), 13 deletions(-)
+
+diff --git a/src/idn.c b/src/idn.c
+index be1c7d1..68e4291 100644
+--- a/src/idn.c
++++ b/src/idn.c
+@@ -170,7 +170,7 @@ main (int argc, char *argv[])
+       (args_info.idna_to_unicode_given ? 1 : 0) +
+       (args_info.nfkc_given ? 1 : 0) != 1)
+     {
+-      error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
++      error (0, 0, "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+       usage (EXIT_FAILURE);
+     }
+ 
+@@ -185,7 +185,7 @@ main (int argc, char *argv[])
+   if (!args_info.quiet_given
+       && args_info.inputs_num == 0
+       && isatty (fileno (stdin)))
+-    fprintf (stderr, _("Type each input string on a line by itself, "
++    fprintf (stderr, "%s", _("Type each input string on a line by itself, "
+                      "terminated by a newline character.\n"));
+ 
+   do
+@@ -197,7 +197,7 @@ main (int argc, char *argv[])
+         if (feof (stdin))
+           break;
+ 
+-        error (EXIT_FAILURE, errno, _("input error"));
++        error (EXIT_FAILURE, errno, "%s", _("input error"));
+       }
+ 
+       if (strlen (line) > 0)
+@@ -215,7 +215,7 @@ main (int argc, char *argv[])
+         if (!q)
+           {
+             free (p);
+-            error (EXIT_FAILURE, 0,
++            error (EXIT_FAILURE, 0, "%s",
+                    _("could not convert from UTF-8 to UCS-4"));
+           }
+ 
+@@ -240,7 +240,7 @@ main (int argc, char *argv[])
+         if (!q)
+           {
+             free (r);
+-            error (EXIT_FAILURE, 0,
++            error (EXIT_FAILURE, 0, "%s",
+                    _("could not convert from UTF-8 to UCS-4"));
+           }
+ 
+@@ -277,7 +277,7 @@ main (int argc, char *argv[])
+         q = stringprep_utf8_to_ucs4 (p, -1, &len);
+         free (p);
+         if (!q)
+-          error (EXIT_FAILURE, 0,
++          error (EXIT_FAILURE, 0, "%s",
+                  _("could not convert from UTF-8 to UCS-4"));
+ 
+         if (args_info.debug_given)
+@@ -336,7 +336,7 @@ main (int argc, char *argv[])
+         r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+         free (q);
+         if (!r)
+-          error (EXIT_FAILURE, 0,
++          error (EXIT_FAILURE, 0, "%s",
+                  _("could not convert from UCS-4 to UTF-8"));
+ 
+         p = stringprep_utf8_to_locale (r);
+@@ -360,7 +360,7 @@ main (int argc, char *argv[])
+         q = stringprep_utf8_to_ucs4 (p, -1, NULL);
+         free (p);
+         if (!q)
+-          error (EXIT_FAILURE, 0,
++          error (EXIT_FAILURE, 0, "%s",
+                  _("could not convert from UCS-4 to UTF-8"));
+ 
+         if (args_info.debug_given)
+@@ -438,7 +438,7 @@ main (int argc, char *argv[])
+         if (!q)
+           {
+             free (p);
+-            error (EXIT_FAILURE, 0,
++            error (EXIT_FAILURE, 0, "%s",
+                    _("could not convert from UCS-4 to UTF-8"));
+           }
+ 
+@@ -494,7 +494,7 @@ main (int argc, char *argv[])
+         r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+         free (q);
+         if (!r)
+-          error (EXIT_FAILURE, 0,
++          error (EXIT_FAILURE, 0, "%s",
+                  _("could not convert from UTF-8 to UCS-4"));
+ 
+         p = stringprep_utf8_to_locale (r);
+@@ -523,7 +523,7 @@ main (int argc, char *argv[])
+             if (!q)
+               {
+                 free (p);
+-                error (EXIT_FAILURE, 0,
++                error (EXIT_FAILURE, 0, "%s",
+                        _("could not convert from UTF-8 to UCS-4"));
+               }
+ 
+@@ -537,7 +537,8 @@ main (int argc, char *argv[])
+         r = stringprep_utf8_nfkc_normalize (p, -1);
+         free (p);
+         if (!r)
+-          error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
++          error (EXIT_FAILURE, 0, "%s",
++                 _("could not do NFKC normalization"));
+ 
+         if (args_info.debug_given)
+           {
+@@ -547,7 +548,7 @@ main (int argc, char *argv[])
+             if (!q)
+               {
+                 free (r);
+-                error (EXIT_FAILURE, 0,
++                error (EXIT_FAILURE, 0, "%s",
+                        _("could not convert from UTF-8 to UCS-4"));
+               }
+ 
+-- 
+2.8.1
+
diff --git a/meta/recipes-extended/libidn/libidn_1.33.bb b/meta/recipes-extended/libidn/libidn_1.33.bb
index 109cc7f..9e8bdba 100644
--- a/meta/recipes-extended/libidn/libidn_1.33.bb
+++ b/meta/recipes-extended/libidn/libidn_1.33.bb
@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/libidn/${BPN}-${PV}.tar.gz \
            file://dont-depend-on-help2man.patch \
            file://0001-idn-fix-printf-format-security-warnings.patch \
            file://gcc7-compatibility.patch \
+           file://0001-idn-format-security-warnings.patch \
 "
 
 SRC_URI[md5sum] = "a9aa7e003665de9c82bd3f9fc6ccf308"


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]