[pl] Inhibit format-security compiler warning on custom sscanf() parser

Petr Pisar ppisar at fedoraproject.org
Tue Dec 3 09:44:17 UTC 2013 

commit 50e7afc73dafff3de8712366e7187774108534f6
Author: Petr Písař <ppisar at redhat.com>
Date:   Tue Dec 3 10:24:46 2013 +0100

    Inhibit format-security compiler warning on custom sscanf() parser

 ...piler-warning-on-sscanf-without-arguments.patch |   39 ++++++++++++++++++++
 pl.spec                                            |    8 ++++
 2 files changed, 47 insertions(+), 0 deletions(-)
---
diff --git a/pl-6.6.0-xpce-Inhibit-compiler-warning-on-sscanf-without-arguments.patch b/pl-6.6.0-xpce-Inhibit-compiler-warning-on-sscanf-without-arguments.patch
new file mode 100644
index 0000000..3132806
--- /dev/null
+++ b/pl-6.6.0-xpce-Inhibit-compiler-warning-on-sscanf-without-arguments.patch
@@ -0,0 +1,39 @@
+From ad7eedc7eb9051443548392884d8c349341fe2f1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Tue, 3 Dec 2013 10:01:55 +0100
+Subject: [PATCH] Inhibit compiler warning on sscanf() without arguments
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This code will not pass if GCC is invoked with
+-Werror=format-security. This is a false positive as the format string
+is sanitized before.
+
+<https://bugzilla.redhat.com/show_bug.cgi?id=1037250>
+
+Signed-off-by: Petr Písař <ppisar at redhat.com>
+---
+ src/ker/goodies.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/ker/goodies.c b/src/ker/goodies.c
+index 153a685..039858a 100644
+--- a/src/ker/goodies.c
++++ b/src/ker/goodies.c
+@@ -845,7 +845,11 @@ scanstr(char *str, char *fmt, Any *r)
+   ar = vsscanf(str, fmt, (va_list) ptrs);
+ #else
+   switch(argn)
+-  { case 0:	ar = sscanf(str, fmt); break;
++  {
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wformat-security"
++    case 0:	ar = sscanf(str, fmt); break;
++#pragma GCC diagnostic pop
+     case 1:	ar = sscanf(str, fmt, ptrs[0]); break;
+     case 2:	ar = sscanf(str, fmt, ptrs[0], ptrs[1]); break;
+     case 3:	ar = sscanf(str, fmt, ptrs[0], ptrs[1], ptrs[2]);
+-- 
+1.8.3.1
+
diff --git a/pl.spec b/pl.spec
index edff11d..3e924e8 100644
--- a/pl.spec
+++ b/pl.spec
@@ -41,6 +41,8 @@ Patch1:     %{name}-6.2.2-jpl-configure.patch
 Patch2:     %{name}-5.10.5-man-files.patch
 Patch3:     %{name}-6.0.2-jni.patch
 Patch4:     %{name}-6.2.0-pc.patch
+# Pass -Werrror=format-security, bug #1037250
+Patch5:     %{name}-6.6.0-xpce-Inhibit-compiler-warning-on-sscanf-without-arguments.patch
 
 # Base
 BuildRequires:  gmp-devel
@@ -195,6 +197,10 @@ in Prolog. In both setups it provides a re-entrant bidirectional interface.
 %patch3 -p1 -b .jni
 %patch4 -p1 -b .pc
 (
+cd packages/xpce
+%patch5 -p1 -b .format
+)
+(
    cd src
    autoconf
 )
@@ -355,6 +361,8 @@ find packages/jpl/examples -name ".cvsignore" | xargs rm -f
 %changelog
 * Mon Dec 02 2013 Petr Pisar <ppisar at redhat.com> - 6.6.0-1
 - 6.6.0 bump
+- Inhibit format-security compiler warning on custom sscanf() parser
+  (bug #1037250)
 
 * Tue Sep 03 2013 Petr Pisar <ppisar at redhat.com> - 6.4.1-1
 - 6.4.1 bump

More information about the scm-commits mailing list