[mup] Patch errors resulting from the use of "-Werror=format-security" (#1037208)
Greg Bailey
gbailey at fedoraproject.org
Mon Dec 16 18:24:26 UTC 2013
commit 579d83e60b8929a32c5ea8e656f6e89a18b27e75
Author: Greg Bailey <gbailey at lxpro.com>
Date: Mon Dec 16 11:23:19 2013 -0700
Patch errors resulting from the use of "-Werror=format-security" (#1037208)
bz1037208-fmt-sec.patch | 84 +++++++++++++++++++++++++++++++++++++++++++++++
mup.spec | 10 ++++-
2 files changed, 92 insertions(+), 2 deletions(-)
---
diff --git a/bz1037208-fmt-sec.patch b/bz1037208-fmt-sec.patch
new file mode 100644
index 0000000..b3ec449
--- /dev/null
+++ b/bz1037208-fmt-sec.patch
@@ -0,0 +1,84 @@
+diff -uNr mup-6.2.orig/extras/gram.y mup-6.2/extras/gram.y
+--- mup-6.2.orig/extras/gram.y 2013-09-09 16:57:45.000000000 -0700
++++ mup-6.2/extras/gram.y 2013-12-16 10:37:01.064354813 -0700
+@@ -3933,7 +3933,7 @@
+ MALLOCA(char, $$, strlen($1) + 3);
+ $$[0] = FONT_TR;
+ $$[1] = DFLT_SIZE;
+- sprintf($$ + 2, $1);
++ sprintf($$ + 2, "%s", $1);
+ }
+
+ |
+diff -uNr mup-6.2.orig/mup/main.c mup-6.2/mup/main.c
+--- mup-6.2.orig/mup/main.c 2013-08-30 20:55:48.000000000 -0700
++++ mup-6.2/mup/main.c 2013-12-16 10:37:01.065354821 -0700
+@@ -661,7 +661,7 @@
+
+ /* add enough white space to line things up */
+ if ((length = strlen(Option_list[n].argument)) < white_length) {
+- fprintf(stderr, whitespace + length);
++ fprintf(stderr, "%s", whitespace + length);
+ }
+
+ fprintf(stderr, " %s\n", Option_list[n].explanation);
+diff -uNr mup-6.2.orig/mup/ytab.c mup-6.2/mup/ytab.c
+--- mup-6.2.orig/mup/ytab.c 2013-10-22 17:10:57.000000000 -0700
++++ mup-6.2/mup/ytab.c 2013-12-16 10:40:38.488978979 -0700
+@@ -7021,7 +7021,7 @@
+ MALLOCA(char, (yyval.stringval), strlen((yyvsp[(1) - (1)].stringval)) + 3);
+ (yyval.stringval)[0] = FONT_TR;
+ (yyval.stringval)[1] = DFLT_SIZE;
+- sprintf((yyval.stringval) + 2, (yyvsp[(1) - (1)].stringval));
++ sprintf((yyval.stringval) + 2, "%s", (yyvsp[(1) - (1)].stringval));
+ }
+ break;
+
+diff -uNr mup-6.2.orig/mupdisp/mupdisp.c mup-6.2/mupdisp/mupdisp.c
+--- mup-6.2.orig/mupdisp/mupdisp.c 2013-10-24 17:23:12.000000000 -0700
++++ mup-6.2/mupdisp/mupdisp.c 2013-12-16 10:37:01.066354828 -0700
+@@ -320,7 +320,7 @@
+ }
+ /* if there is an error message to print, do so */
+ if (Exit_errmsg != (char *) 0) {
+- fprintf(stderr, Exit_errmsg);
++ fprintf(stderr, "%s", Exit_errmsg);
+
+ /* if there is a ghostscript error file, print it */
+ if (status != 0) {
+diff -uNr mup-6.2.orig/mupmate/File.C mup-6.2/mupmate/File.C
+--- mup-6.2.orig/mupmate/File.C 2013-01-31 19:41:47.000000000 -0700
++++ mup-6.2/mupmate/File.C 2013-12-16 10:37:01.067354835 -0700
+@@ -234,7 +234,7 @@
+ }
+ else {
+ filename = new char[strlen(newfile) + 1];
+- (void) sprintf(filename, newfile);
++ (void) sprintf(filename, "%s", newfile);
+ }
+
+ set_window_label();
+diff -uNr mup-6.2.orig/mupmate/Main.C mup-6.2/mupmate/Main.C
+--- mup-6.2.orig/mupmate/Main.C 2013-10-24 17:49:48.000000000 -0700
++++ mup-6.2/mupmate/Main.C 2013-12-16 10:37:01.068354843 -0700
+@@ -860,7 +860,7 @@
+ "Fix setting of \"Folder for Mup Files\"\n"
+ "in Config->File Locations.",
+ mup_dir, curr_dir);
+- fl_alert(message);
++ fl_alert("%s", message);
+ }
+ }
+
+diff -uNr mup-6.2.orig/mupmate/Run.C mup-6.2/mupmate/Run.C
+--- mup-6.2.orig/mupmate/Run.C 2013-01-31 19:41:47.000000000 -0700
++++ mup-6.2/mupmate/Run.C 2013-12-16 10:37:01.068354843 -0700
+@@ -1002,7 +1002,7 @@
+ // Probably core dump :-(
+ fl_alert("Mup exited due to signal %d.", WTERMSIG(ret));
+ } else {
+- fl_alert(Unknown_Mup_failure);
++ fl_alert("%s", Unknown_Mup_failure);
+ }
+ #else // WIF... macros not defined
+ if (ret == -1) {
diff --git a/mup.spec b/mup.spec
index 524ffb6..795ff1c 100644
--- a/mup.spec
+++ b/mup.spec
@@ -3,7 +3,7 @@
Name: mup
Version: 6.2
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A music notation program that can also generate MIDI files
Group: Applications/Multimedia
License: Mup
@@ -13,6 +13,7 @@ URL: http://www.arkkra.com
Source0: ftp://ftp.arkkra.com/pub/unix/mup%{versionnodot}src.tar.gz
Source1: mupmate.desktop
+Patch: bz1037208-fmt-sec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: glibc-devel
BuildRequires: fltk-devel
@@ -32,6 +33,7 @@ musical score described by the input.
%prep
%setup -q
+%patch -p1
# Preserve the timestamp of files that we copy from the Mup source tree
sed -i -e 's|cp |cp -p |' makefile
@@ -40,7 +42,7 @@ sed -i -e 's|cp |cp -p |' makefile
sed -i -e 's|/usr/share/doc/packages/mup|%{_pkgdocdir}|' mupmate/Preferences.C
%build
-make %{?_smp_mflags} CFLAGS="%{optflags}" LIBDIR="%{_datadir}/%{name}" DOCDIR="%{_pkgdocdir}"
+make %{?_smp_mflags} CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LIBDIR="%{_datadir}/%{name}" DOCDIR="%{_pkgdocdir}"
%install
rm -rf %{buildroot}
@@ -65,6 +67,10 @@ rm -rf %{buildroot}
%{_datadir}/pixmaps/*
%changelog
+* Mon Dec 16 2013 Greg Bailey <gbailey at lxpro.com> - 6.2-2
+- Patch errors resulting from the use of "-Werror=format-security" (#1037208)
+- See https://fedorahosted.org/fesco/ticket/1185
+
* Mon Nov 25 2013 Greg Bailey <gbailey at lxpro.com> - 6.2-1
- Update to 6.2
More information about the scm-commits
mailing list