diff options
| author |   Sergei Trofimovich <slyfox@gentoo.org> | 2020-03-25 19:46:02 +0000 |
|---|---|---|
| committer | Sergei Trofimovich <slyfox@gentoo.org> | 2020-03-25 19:46:18 +0000 |
| commit | c5ebe7c33f634a80a9137bdee9e856bc30e01509 (patch) | |
| tree | 0c820ba7de9b85d2616d60b8706aba8647b0f5c6 /app-text | |
| parent | app-cdr/isomaster: 1.3.15 (diff) | |
| download | gentoo-c5ebe7c33f634a80a9137bdee9e856bc30e01509.tar.gz gentoo-c5ebe7c33f634a80a9137bdee9e856bc30e01509.tar.bz2 gentoo-c5ebe7c33f634a80a9137bdee9e856bc30e01509.zip | |
app-text/fbpdf: backport -Werror=format-security fix, bug #714736
Reported-by: Toralf Förster
Closes: https://bugs.gentoo.org/714736
Package-Manager: Portage-2.3.95, Repoman-2.3.21
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Diffstat (limited to 'app-text')
| -rw-r--r-- | app-text/fbpdf/fbpdf-0_p20190202.ebuild | 3 | ||||
| -rw-r--r-- | app-text/fbpdf/files/fbpdf-0_p20190202-printf.patch | 38 |
2 files changed, 40 insertions, 1 deletions
diff --git a/app-text/fbpdf/fbpdf-0_p20190202.ebuild b/app-text/fbpdf/fbpdf-0_p20190202.ebuild index 029af2a8ece1..1ab615ca1074 100644 --- a/app-text/fbpdf/fbpdf-0_p20190202.ebuild +++ b/app-text/fbpdf/fbpdf-0_p20190202.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2019 Gentoo Authors +# Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -34,6 +34,7 @@ S=${WORKDIR}/${P}-${COMMIT} PATCHES=( "${FILESDIR}"/${P}-use-pkg-config.patch + "${FILESDIR}"/${P}-printf.patch ) src_compile() { diff --git a/app-text/fbpdf/files/fbpdf-0_p20190202-printf.patch b/app-text/fbpdf/files/fbpdf-0_p20190202-printf.patch new file mode 100644 index 000000000000..31f9fbe2c8ab --- /dev/null +++ b/app-text/fbpdf/files/fbpdf-0_p20190202-printf.patch @@ -0,0 +1,38 @@ +https://bugs.gentoo.org/714736 + +From e89e36c01d09ca6aec03732e922e749257cac3f4 Mon Sep 17 00:00:00 2001 +From: Dmitry Bogatov <KAction@disroot.org> +Date: Sun, 9 Feb 2020 00:47:09 -0500 +Subject: [PATCH] Avoid passing non-constant format string to printf + +gcc complains loudly on any code that uses anything but string literal +as format string to printf. Right now format string is "const char *" +and does not contain %-sequences, but should '%' appear in "usage" +string in future, bad things would happen. + +Since formatting functionality of "printf" is not used anyway, replacing +it with "puts" makes code both safer and easier to understand. +--- + fbpdf.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/fbpdf.c b/fbpdf.c +index a58797f..65b654b 100644 +--- a/fbpdf.c ++++ b/fbpdf.c +@@ -351,13 +351,13 @@ static void mainloop(void) + } + + static char *usage = +- "usage: fbpdf [-r rotation] [-z zoom x10] [-p page] filename\n"; ++ "usage: fbpdf [-r rotation] [-z zoom x10] [-p page] filename"; + + int main(int argc, char *argv[]) + { + int i = 1; + if (argc < 2) { +- printf(usage); ++ puts(usage); + return 1; + } + strcpy(filename, argv[argc - 1]); |