[cvs] Fix compilation with -Wformat-security
Petr Pisar
ppisar at fedoraproject.org
Tue Dec 3 15:08:11 UTC 2013
commit a14f2309ba82c37f06ce76f1ec785c7bc489ef47
Author: Petr Písař <ppisar at redhat.com>
Date: Tue Dec 3 15:44:18 2013 +0100
Fix compilation with -Wformat-security
...23-Pass-compilation-with-Wformat-security.patch | 73 ++++++++++++++++++++
cvs.spec | 9 ++-
2 files changed, 81 insertions(+), 1 deletions(-)
---
diff --git a/cvs-1.11.23-Pass-compilation-with-Wformat-security.patch b/cvs-1.11.23-Pass-compilation-with-Wformat-security.patch
new file mode 100644
index 0000000..4922715
--- /dev/null
+++ b/cvs-1.11.23-Pass-compilation-with-Wformat-security.patch
@@ -0,0 +1,73 @@
+From 52093add7b3f38156e632fa81fcf1c0b6ad4d549 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Tue, 3 Dec 2013 15:11:14 +0100
+Subject: [PATCH] Pass compilation with -Wformat-security
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Petr Písař <ppisar at redhat.com>
+---
+ diff/diff3.c | 2 +-
+ src/main.c | 2 +-
+ src/subr.c | 12 ++++--------
+ 3 files changed, 6 insertions(+), 10 deletions(-)
+
+diff --git a/diff/diff3.c b/diff/diff3.c
+index 006039f..e9418ce 100644
+--- a/diff/diff3.c
++++ b/diff/diff3.c
+@@ -1505,7 +1505,7 @@ output_diff3 (diff, mapping, rev_mapping)
+ line = 0;
+ do
+ {
+- printf_output (line_prefix);
++ printf_output ("%s", line_prefix);
+ cp = D_RELNUM (ptr, realfile, line);
+ length = D_RELLEN (ptr, realfile, line);
+ write_output (cp, length);
+diff --git a/src/main.c b/src/main.c
+index 24a6e6f..e7f0439 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -1154,6 +1154,6 @@ usage (cpp)
+ {
+ (void) fprintf (stderr, *cpp++, program_name, cvs_cmd_name);
+ for (; *cpp; cpp++)
+- (void) fprintf (stderr, *cpp);
++ (void) fprintf (stderr, "%s", *cpp);
+ error_exit ();
+ }
+diff --git a/src/subr.c b/src/subr.c
+index 0725503..94907ce 100644
+--- a/src/subr.c
++++ b/src/subr.c
+@@ -46,10 +46,8 @@ xmalloc (bytes)
+ cp = malloc (bytes);
+ if (cp == NULL)
+ {
+- char buf[80];
+- sprintf (buf, "out of memory; can not allocate %lu bytes",
+- (unsigned long) bytes);
+- error (1, 0, buf);
++ error (1, 0, "out of memory; can not allocate %lu bytes",
++ (unsigned long) bytes);
+ }
+ return (cp);
+ }
+@@ -73,10 +71,8 @@ xrealloc (ptr, bytes)
+
+ if (cp == NULL)
+ {
+- char buf[80];
+- sprintf (buf, "out of memory; can not reallocate %lu bytes",
+- (unsigned long) bytes);
+- error (1, 0, buf);
++ error (1, 0, "out of memory; can not reallocate %lu bytes",
++ (unsigned long) bytes);
+ }
+ return (cp);
+ }
+--
+1.8.3.1
+
diff --git a/cvs.spec b/cvs.spec
index 45d2009..772ed78 100644
--- a/cvs.spec
+++ b/cvs.spec
@@ -5,7 +5,7 @@
Name: cvs
Version: 1.11.23
-Release: 34%{?dist}
+Release: 35%{?dist}
Summary: Concurrent Versions System
Group: Development/Tools
URL: http://cvs.nongnu.org/
@@ -96,6 +96,9 @@ Patch28: cvs-1.11.23-Fix-proxy-response-parser.patch
Patch29: cvs-1.11.23-doc-Add-mandatory-argument-to-sp.patch
# Excpect crypt(3) can return NULL, bug #966497, upstream bug #39040
Patch30: cvs-1.11.23-crypt-2.diff
+# Pass compilation with -Wformat-security, bug #1037029, submitted to upstream
+# as bug #40787
+Patch31: cvs-1.11.23-Pass-compilation-with-Wformat-security.patch
%description
CVS (Concurrent Versions System) is a version control system that can
@@ -183,6 +186,7 @@ pages in PDF.
%patch28 -p1 -b .proxy_response_parser
%patch29 -p1 -b .texinfo_sp
%patch30 -p1 -b .null_crypt
+%patch31 -p1 -b .format
# Apply a patch to the generated files, OR
# run autoreconf and require autoconf >= 2.58, automake >= 1.7.9
@@ -286,6 +290,9 @@ exit 0
%changelog
+* Tue Dec 03 2013 Petr Pisar <ppisar at redhat.com> - 1.11.23-35
+- Fix compilation with -Wformat-security (bug #1037029)
+
* Wed Oct 23 2013 Petr Pisar <ppisar at redhat.com> - 1.11.23-34
- Harden build for cvs in server role (bug #983164)
- Add cvs.sh(5) manual page (bug #983164)
More information about the scm-commits
mailing list