[gnome-continuous-yocto/gnomeostree-3.28-rocko: 5982/8267] libidn: Fix hardened build with musl
- From: Emmanuele Bassi <ebassi src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-continuous-yocto/gnomeostree-3.28-rocko: 5982/8267] libidn: Fix hardened build with musl
- Date: Sun, 17 Dec 2017 04:12:12 +0000 (UTC)
commit 5205a9c603eae081b83bc824d399e3ca0e606a81
Author: Khem Raj <raj khem gmail com>
Date: Sun May 21 22:00:32 2017 -0700
libidn: Fix hardened build with musl
Re-introduce the patch that was deemed to be not needed
but it infact is still needed with musl
(From OE-Core rev: 3ba88c72e84c8c2a142b990b7547aa221f564d82)
Signed-off-by: Khem Raj <raj khem gmail com>
Signed-off-by: Ross Burton <ross burton intel com>
Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>
.../libidn/0001-idn-format-security-warnings.patch | 181 ++++++++++++++++++++
meta/recipes-extended/libidn/libidn_1.33.bb | 1 +
2 files changed, 182 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
new file mode 100644
index 0000000..5adc7d9
--- /dev/null
+++ b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
@@ -0,0 +1,181 @@
+From 82f98dcbc429bbe89a9837c533cbcbc02e77c790 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik tycoint com>
+Date: Tue, 28 Jun 2016 12:43:31 +0100
+Subject: [PATCH] idn: fix printf() format security warnings
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+| ../../libidn-1.32/src/idn.c: In function 'main':
+| ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments
[-Werror=format-security]
+| error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+| ^~~~~
+| ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments
[-Werror=format-security]
+| fprintf (stderr, _("Type each input string on a line by itself, "
+| ^~~~~~~
+| ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments
[-Werror=format-security]
+| error (EXIT_FAILURE, errno, _("input error"));
+| ^~~~~
+| ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+| ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+| ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+| ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UCS-4 to UTF-8"));
+| ^
+| ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UCS-4 to UTF-8"));
+| ^
+| ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UCS-4 to UTF-8"));
+| ^
+| ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+| ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+| ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments
[-Werror=format-security]
+| error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
+| ^~~~~
+| ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments
[-Werror=format-security]
+| _("could not convert from UTF-8 to UCS-4"));
+| ^
+
+Signed-off-by: André Draszik <adraszik tycoint com>
+---
+Upstream-Status: Pending
+
+ src/idn.c | 27 ++++++++++++++-------------
+ 1 file changed, 14 insertions(+), 13 deletions(-)
+
+diff --git a/src/idn.c b/src/idn.c
+index be1c7d1..68e4291 100644
+--- a/src/idn.c
++++ b/src/idn.c
+@@ -170,7 +170,7 @@ main (int argc, char *argv[])
+ (args_info.idna_to_unicode_given ? 1 : 0) +
+ (args_info.nfkc_given ? 1 : 0) != 1)
+ {
+- error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
++ error (0, 0, "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+ usage (EXIT_FAILURE);
+ }
+
+@@ -185,7 +185,7 @@ main (int argc, char *argv[])
+ if (!args_info.quiet_given
+ && args_info.inputs_num == 0
+ && isatty (fileno (stdin)))
+- fprintf (stderr, _("Type each input string on a line by itself, "
++ fprintf (stderr, "%s", _("Type each input string on a line by itself, "
+ "terminated by a newline character.\n"));
+
+ do
+@@ -197,7 +197,7 @@ main (int argc, char *argv[])
+ if (feof (stdin))
+ break;
+
+- error (EXIT_FAILURE, errno, _("input error"));
++ error (EXIT_FAILURE, errno, "%s", _("input error"));
+ }
+
+ if (strlen (line) > 0)
+@@ -215,7 +215,7 @@ main (int argc, char *argv[])
+ if (!q)
+ {
+ free (p);
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+ }
+
+@@ -240,7 +240,7 @@ main (int argc, char *argv[])
+ if (!q)
+ {
+ free (r);
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+ }
+
+@@ -277,7 +277,7 @@ main (int argc, char *argv[])
+ q = stringprep_utf8_to_ucs4 (p, -1, &len);
+ free (p);
+ if (!q)
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+
+ if (args_info.debug_given)
+@@ -336,7 +336,7 @@ main (int argc, char *argv[])
+ r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ free (q);
+ if (!r)
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UCS-4 to UTF-8"));
+
+ p = stringprep_utf8_to_locale (r);
+@@ -360,7 +360,7 @@ main (int argc, char *argv[])
+ q = stringprep_utf8_to_ucs4 (p, -1, NULL);
+ free (p);
+ if (!q)
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UCS-4 to UTF-8"));
+
+ if (args_info.debug_given)
+@@ -438,7 +438,7 @@ main (int argc, char *argv[])
+ if (!q)
+ {
+ free (p);
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UCS-4 to UTF-8"));
+ }
+
+@@ -494,7 +494,7 @@ main (int argc, char *argv[])
+ r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ free (q);
+ if (!r)
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+
+ p = stringprep_utf8_to_locale (r);
+@@ -523,7 +523,7 @@ main (int argc, char *argv[])
+ if (!q)
+ {
+ free (p);
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+ }
+
+@@ -537,7 +537,8 @@ main (int argc, char *argv[])
+ r = stringprep_utf8_nfkc_normalize (p, -1);
+ free (p);
+ if (!r)
+- error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
++ error (EXIT_FAILURE, 0, "%s",
++ _("could not do NFKC normalization"));
+
+ if (args_info.debug_given)
+ {
+@@ -547,7 +548,7 @@ main (int argc, char *argv[])
+ if (!q)
+ {
+ free (r);
+- error (EXIT_FAILURE, 0,
++ error (EXIT_FAILURE, 0, "%s",
+ _("could not convert from UTF-8 to UCS-4"));
+ }
+
+--
+2.8.1
+
diff --git a/meta/recipes-extended/libidn/libidn_1.33.bb b/meta/recipes-extended/libidn/libidn_1.33.bb
index 109cc7f..9e8bdba 100644
--- a/meta/recipes-extended/libidn/libidn_1.33.bb
+++ b/meta/recipes-extended/libidn/libidn_1.33.bb
@@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/libidn/${BPN}-${PV}.tar.gz \
file://dont-depend-on-help2man.patch \
file://0001-idn-fix-printf-format-security-warnings.patch \
file://gcc7-compatibility.patch \
+ file://0001-idn-format-security-warnings.patch \
"
SRC_URI[md5sum] = "a9aa7e003665de9c82bd3f9fc6ccf308"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
