[mup] Patch errors resulting from the use of "-Werror=format-security" (#1037208)

Greg Bailey gbailey at fedoraproject.org
Mon Dec 16 18:24:26 UTC 2013 

commit 579d83e60b8929a32c5ea8e656f6e89a18b27e75
Author: Greg Bailey <gbailey at lxpro.com>
Date:   Mon Dec 16 11:23:19 2013 -0700

    Patch errors resulting from the use of "-Werror=format-security" (#1037208)

 bz1037208-fmt-sec.patch |   84 +++++++++++++++++++++++++++++++++++++++++++++++
 mup.spec                |   10 ++++-
 2 files changed, 92 insertions(+), 2 deletions(-)
---
diff --git a/bz1037208-fmt-sec.patch b/bz1037208-fmt-sec.patch
new file mode 100644
index 0000000..b3ec449
--- /dev/null
+++ b/bz1037208-fmt-sec.patch
@@ -0,0 +1,84 @@
+diff -uNr mup-6.2.orig/extras/gram.y mup-6.2/extras/gram.y
+--- mup-6.2.orig/extras/gram.y	2013-09-09 16:57:45.000000000 -0700
++++ mup-6.2/extras/gram.y	2013-12-16 10:37:01.064354813 -0700
+@@ -3933,7 +3933,7 @@
+ 		MALLOCA(char, $$, strlen($1) + 3);
+ 		$$[0] = FONT_TR;
+ 		$$[1] = DFLT_SIZE;
+-		sprintf($$ + 2, $1);
++		sprintf($$ + 2, "%s", $1);
+ 	}
+ 
+ 	|
+diff -uNr mup-6.2.orig/mup/main.c mup-6.2/mup/main.c
+--- mup-6.2.orig/mup/main.c	2013-08-30 20:55:48.000000000 -0700
++++ mup-6.2/mup/main.c	2013-12-16 10:37:01.065354821 -0700
+@@ -661,7 +661,7 @@
+ 
+ 		/* add enough white space to line things up */
+ 		if ((length = strlen(Option_list[n].argument)) < white_length) {
+-			fprintf(stderr, whitespace + length);
++			fprintf(stderr, "%s", whitespace + length);
+ 		}
+ 
+ 		fprintf(stderr, " %s\n", Option_list[n].explanation);
+diff -uNr mup-6.2.orig/mup/ytab.c mup-6.2/mup/ytab.c
+--- mup-6.2.orig/mup/ytab.c	2013-10-22 17:10:57.000000000 -0700
++++ mup-6.2/mup/ytab.c	2013-12-16 10:40:38.488978979 -0700
+@@ -7021,7 +7021,7 @@
+ 		MALLOCA(char, (yyval.stringval), strlen((yyvsp[(1) - (1)].stringval)) + 3);
+ 		(yyval.stringval)[0] = FONT_TR;
+ 		(yyval.stringval)[1] = DFLT_SIZE;
+-		sprintf((yyval.stringval) + 2, (yyvsp[(1) - (1)].stringval));
++		sprintf((yyval.stringval) + 2, "%s", (yyvsp[(1) - (1)].stringval));
+ 	}
+     break;
+ 
+diff -uNr mup-6.2.orig/mupdisp/mupdisp.c mup-6.2/mupdisp/mupdisp.c
+--- mup-6.2.orig/mupdisp/mupdisp.c	2013-10-24 17:23:12.000000000 -0700
++++ mup-6.2/mupdisp/mupdisp.c	2013-12-16 10:37:01.066354828 -0700
+@@ -320,7 +320,7 @@
+ 	}
+ 	/* if there is an error message to print, do so */
+ 	if (Exit_errmsg != (char *) 0) {
+-		fprintf(stderr, Exit_errmsg);
++		fprintf(stderr, "%s", Exit_errmsg);
+ 		
+ 		/* if there is a ghostscript error file, print it */
+ 		if (status != 0) {
+diff -uNr mup-6.2.orig/mupmate/File.C mup-6.2/mupmate/File.C
+--- mup-6.2.orig/mupmate/File.C	2013-01-31 19:41:47.000000000 -0700
++++ mup-6.2/mupmate/File.C	2013-12-16 10:37:01.067354835 -0700
+@@ -234,7 +234,7 @@
+ 		}
+ 		else {
+ 			filename = new char[strlen(newfile) + 1];
+-			(void) sprintf(filename, newfile);
++			(void) sprintf(filename, "%s", newfile);
+ 		}
+ 
+ 		set_window_label();
+diff -uNr mup-6.2.orig/mupmate/Main.C mup-6.2/mupmate/Main.C
+--- mup-6.2.orig/mupmate/Main.C	2013-10-24 17:49:48.000000000 -0700
++++ mup-6.2/mupmate/Main.C	2013-12-16 10:37:01.068354843 -0700
+@@ -860,7 +860,7 @@
+ 				"Fix setting of \"Folder for Mup Files\"\n"
+ 				"in Config->File Locations.",
+ 				mup_dir, curr_dir);
+-			fl_alert(message);
++			fl_alert("%s", message);
+ 		}
+ 	}
+ 
+diff -uNr mup-6.2.orig/mupmate/Run.C mup-6.2/mupmate/Run.C
+--- mup-6.2.orig/mupmate/Run.C	2013-01-31 19:41:47.000000000 -0700
++++ mup-6.2/mupmate/Run.C	2013-12-16 10:37:01.068354843 -0700
+@@ -1002,7 +1002,7 @@
+ 			// Probably core dump :-(
+ 			fl_alert("Mup exited due to signal %d.", WTERMSIG(ret));
+ 		} else {
+-			fl_alert(Unknown_Mup_failure);
++			fl_alert("%s", Unknown_Mup_failure);
+ 		}
+ #else // WIF... macros not defined
+ 		if (ret == -1) {
diff --git a/mup.spec b/mup.spec
index 524ffb6..795ff1c 100644
--- a/mup.spec
+++ b/mup.spec
@@ -3,7 +3,7 @@
 Name:           mup
 Version:        6.2
 
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A music notation program that can also generate MIDI files
 Group:          Applications/Multimedia
 License:        Mup
@@ -13,6 +13,7 @@ URL:            http://www.arkkra.com
 
 Source0:        ftp://ftp.arkkra.com/pub/unix/mup%{versionnodot}src.tar.gz
 Source1:        mupmate.desktop
+Patch:          bz1037208-fmt-sec.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  glibc-devel
 BuildRequires:  fltk-devel
@@ -32,6 +33,7 @@ musical score described by the input.
 
 %prep
 %setup -q
+%patch -p1
 
 # Preserve the timestamp of files that we copy from the Mup source tree
 sed -i -e 's|cp |cp -p |' makefile
@@ -40,7 +42,7 @@ sed -i -e 's|cp |cp -p |' makefile
 sed -i -e 's|/usr/share/doc/packages/mup|%{_pkgdocdir}|' mupmate/Preferences.C
 
 %build
-make %{?_smp_mflags} CFLAGS="%{optflags}" LIBDIR="%{_datadir}/%{name}" DOCDIR="%{_pkgdocdir}"
+make %{?_smp_mflags} CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LIBDIR="%{_datadir}/%{name}" DOCDIR="%{_pkgdocdir}"
 
 %install
 rm -rf %{buildroot}
@@ -65,6 +67,10 @@ rm -rf %{buildroot}
 %{_datadir}/pixmaps/*
 
 %changelog
+* Mon Dec 16 2013 Greg Bailey <gbailey at lxpro.com> - 6.2-2
+- Patch errors resulting from the use of "-Werror=format-security" (#1037208)
+- See https://fedorahosted.org/fesco/ticket/1185
+
 * Mon Nov 25 2013 Greg Bailey <gbailey at lxpro.com> - 6.2-1
 - Update to 6.2

More information about the scm-commits mailing list