[dx] minor fixes
Dominik Mierzejewski
rathann at fedoraproject.org
Thu Feb 27 15:22:46 UTC 2014
commit 4a3b935d377d54a8ed280032b48e83c6b177bda6
Author: Dominik Mierzejewski <rpm at greysector.net>
Date: Thu Feb 27 16:23:10 2014 +0100
minor fixes
- drop ancient Obsoletes (bug #1002099)
- rebuild to fix bug #925284
- fix -Werror=format-security errors (bug #1037047)
dx-format-security.patch | 244 ++++++++++++++++++++++++++++++++++++++++++++++
dx.spec | 12 ++-
2 files changed, 254 insertions(+), 2 deletions(-)
---
diff --git a/dx-format-security.patch b/dx-format-security.patch
new file mode 100644
index 0000000..322a9bb
--- /dev/null
+++ b/dx-format-security.patch
@@ -0,0 +1,244 @@
+diff -up dx-4.4.4/src/exec/dpexec/dxmain.c.format-security dx-4.4.4/src/exec/dpexec/dxmain.c
+--- dx-4.4.4/src/exec/dpexec/dxmain.c.format-security 2006-05-08 18:20:03.000000000 +0200
++++ dx-4.4.4/src/exec/dpexec/dxmain.c 2014-02-27 16:15:07.355502827 +0100
+@@ -2129,7 +2129,7 @@ int ExCheckInput ()
+ if ((SFILEisatty(yyin) || (_dxd_exRshInput && yyin == _dxd_exBaseFD)) &&
+ !prompted && _dxf_ExGQAllDone() && !SFILECharReady(yyin)) {
+ prompt = _dxf_ExPromptGet(PROMPT_ID_PROMPT);
+- printf (prompt? prompt: EX_PROMPT);
++ printf ("%s", prompt? prompt: EX_PROMPT);
+ fflush (stdout);
+ prompted = TRUE;
+ }
+@@ -2305,7 +2305,7 @@ static int ExInputAvailable (SFILE *fp)
+ _dxf_ExGQAllDone ())\
+ {\
+ prompt = _dxf_ExPromptGet (PROMPT_ID_PROMPT);\
+- printf (prompt ? prompt : EX_PROMPT);\
++ printf ("%s", prompt ? prompt : EX_PROMPT);\
+ fflush (stdout);\
+ prompted = TRUE;\
+ }\
+diff -up dx-4.4.4/src/exec/dpexec/lex.c.format-security dx-4.4.4/src/exec/dpexec/lex.c
+--- dx-4.4.4/src/exec/dpexec/lex.c.format-security 2014-02-27 16:15:07.352502818 +0100
++++ dx-4.4.4/src/exec/dpexec/lex.c 2014-02-27 16:15:07.355502827 +0100
+@@ -649,7 +649,7 @@ int yylex(YYSTYPE *lvalp)
+ if ((_dxd_exIsatty || _dxd_exRshInput) && !SFILECharReady(yyin))
+ {
+ prompt = _dxf_ExPromptGet(PROMPT_ID_CPROMPT);
+- printf (prompt? prompt: EX_CPROMPT);
++ printf ("%s",prompt? prompt: EX_CPROMPT);
+ fflush (stdout);
+ }
+ break;
+diff -up dx-4.4.4/src/exec/dxmods/colormap.c.format-security dx-4.4.4/src/exec/dxmods/colormap.c
+--- dx-4.4.4/src/exec/dxmods/colormap.c.format-security 2002-03-21 18:09:58.000000000 +0100
++++ dx-4.4.4/src/exec/dxmods/colormap.c 2014-02-27 16:15:07.356502830 +0100
+@@ -1167,7 +1167,7 @@ Error print_map(Field f,char *component,
+ if (!ei.msgbuf)
+ return ERROR;
+ ei.mp = ei.msgbuf;
+- sprintf(ei.mp,name); while(*ei.mp) ei.mp++;
++ sprintf("%s",ei.mp,name); while(*ei.mp) ei.mp++;
+ sprintf(ei.mp, "NULL");
+ DXUIMessage(id,ei.msgbuf);
+ DXFree(ei.msgbuf);
+@@ -1186,7 +1186,7 @@ Error print_map(Field f,char *component,
+ ei.mp = ei.msgbuf;
+ shape[0]=2;
+ strcpy(ei.mp,"");
+- sprintf(ei.mp,name); while(*ei.mp) ei.mp++;
++ sprintf("%s",ei.mp,name); while(*ei.mp) ei.mp++;
+ if (num==1){
+ sprintf(ei.mp,"{"); ei.mp++;
+ }
+diff -up dx-4.4.4/src/exec/dxmods/exp_gai.c.format-security dx-4.4.4/src/exec/dxmods/exp_gai.c
+--- dx-4.4.4/src/exec/dxmods/exp_gai.c.format-security 2000-08-24 22:04:29.000000000 +0200
++++ dx-4.4.4/src/exec/dxmods/exp_gai.c 2014-02-27 16:15:07.356502830 +0100
+@@ -422,7 +422,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -439,7 +439,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -456,7 +456,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -473,7 +473,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -490,7 +490,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -507,7 +507,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -524,7 +524,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -541,7 +541,7 @@ static Error pvalue(struct array_info *a
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -554,7 +554,7 @@ static Error pvalue(struct array_info *a
+ arinfo->last,scratch);
+ arinfo->last = (Pointer)nextstr;
+ if (first == OFF)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else {
+@@ -830,7 +830,7 @@ static void field_header(Field f,struct
+ if (rank > 0) {
+ for (i=0; i<shape[0]; i++){
+ if (i > 0)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ fprintf(h->dfp,"positions_cmp%d",i);
+ }
+ }
+@@ -845,13 +845,13 @@ static void field_header(Field f,struct
+ !strcmp("positions",depon) && strcmp("invalid positions",name)
+ && strcmp("positions",name) ) {
+ if (first == OFF)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ DXGetArrayInfo((Array)a,NULL,&type,NULL,&rank,shape);
+ /* dim = (rank < 1) ? 1 : shape[0]; */
+ if (type != TYPE_STRING && rank > 0 && shape[0] > 1) {
+ cmp = (char *)DXAllocate(strlen(name)+6);
+ for (j=0; j<shape[0]; j++) {
+- if (j > 0) fprintf(h->dfp, del);
++ if (j > 0) fprintf(h->dfp, "%s", del);
+ sprintf(cmp,"%s_cmp%d",name,j);
+ pstring(h->dfp,0,0,0,cmp);
+ }
+diff -up dx-4.4.4/src/uipp/dxl/conn.c.format-security dx-4.4.4/src/uipp/dxl/conn.c
+--- dx-4.4.4/src/uipp/dxl/conn.c.format-security 2006-05-08 18:20:08.000000000 +0200
++++ dx-4.4.4/src/uipp/dxl/conn.c 2014-02-27 16:17:28.677913252 +0100
+@@ -389,7 +389,7 @@ DXLStartChild(const char *string, const
+ char buf[2048];
+ int n = read(err,buf,2048);
+ buf[n] = '\0';
+- fprintf(stderr,buf);
++ fprintf(stderr,"%s",buf);
+ }
+ #if defined(intelnt) || defined(WIN32)
+ TerminateProcess(child, -1);
+diff -up dx-4.4.4/src/uipp/dxuilib/DXApplication.C.format-security dx-4.4.4/src/uipp/dxuilib/DXApplication.C
+--- dx-4.4.4/src/uipp/dxuilib/DXApplication.C.format-security 2014-02-27 16:15:07.350502812 +0100
++++ dx-4.4.4/src/uipp/dxuilib/DXApplication.C 2014-02-27 16:15:07.356502830 +0100
+@@ -2553,7 +2553,7 @@ boolean DXApplication::initialize(int* a
+ const char* errmsg =
+ GraphLayout::SetHeightPerLevel (DXApplication::resource.autoLayoutHeight);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -2561,7 +2561,7 @@ boolean DXApplication::initialize(int* a
+ const char* errmsg =
+ GraphLayout::SetGroupSpacing (DXApplication::resource.autoLayoutGroupSpacing);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -2569,7 +2569,7 @@ boolean DXApplication::initialize(int* a
+ const char* errmsg =
+ GraphLayout::SetNodeSpacing (DXApplication::resource.autoLayoutNodeSpacing);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -3787,7 +3787,7 @@ error:
+ if (this->anchor)
+ InfoMessage(msg);
+ else
+- fprintf(stderr,msg);
++ fprintf(stderr,"%s",msg);
+
+ return NULL;
+ }
+@@ -5019,7 +5019,7 @@ DXApplication_HandleCoreDump(int dummy)
+ fprintf (stderr, "Attempting to save any modified files.\n"
+ "Please check saved files for integrity by reloading them.\n");
+ theDXApplication->emergencySave (msg);
+- fprintf (stderr, msg);
++ fprintf (stderr, "%s", msg);
+ }
+
+ fprintf(stderr,"The application will now abort.\n");
+@@ -5035,7 +5035,7 @@ void DXApplication::abortApplication()
+ if (theDXApplication) {
+ char msg[4096];
+ this->emergencySave(msg);
+- fprintf(stderr, msg);
++ fprintf(stderr, "%s", msg);
+ }
+
+ this->IBMApplication::abortApplication();
+diff -up dx-4.4.4/src/uipp/dxui/SelectionNode.C.format-security dx-4.4.4/src/uipp/dxui/SelectionNode.C
+--- dx-4.4.4/src/uipp/dxui/SelectionNode.C.format-security 2002-03-25 17:42:08.000000000 +0100
++++ dx-4.4.4/src/uipp/dxui/SelectionNode.C 2014-02-27 16:18:57.348170781 +0100
+@@ -960,7 +960,7 @@ boolean SelectionNode::printJavaValue (F
+ ListIterator it(selection_stmts);
+ char* cp;
+ while ( (cp = (char*)it.getNext()) ) {
+- fprintf (jf, cp);
++ fprintf (jf, "%s", cp);
+ delete cp;
+ }
+ }
diff --git a/dx.spec b/dx.spec
index 48cb686..bcb2db0 100644
--- a/dx.spec
+++ b/dx.spec
@@ -1,7 +1,7 @@
Summary: Open source version of IBM's Visualization Data Explorer
Name: dx
Version: 4.4.4
-Release: 31%{?dist}
+Release: 32%{?dist}
URL: http://www.opendx.org/
Group: Applications/Engineering
Source0: http://opendx.informatics.jax.org/source/dx-%{version}.tar.gz
@@ -16,6 +16,8 @@ Patch3: %{name}-errno.patch
Patch4: %{name}-null.patch
# remove calls to non-public ImageMagick function to fix linking
Patch5: %{name}-magick.patch
+# fix -Werror=format-security errors
+Patch6: %{name}-format-security.patch
License: IBM
BuildRequires: bison
BuildRequires: desktop-file-utils
@@ -44,7 +46,6 @@ visualizations.
%package libs
Summary: OpenDX shared libraries
Group: System Environment/Libraries
-Obsoletes: %{name} < 4.4.4-5
%description libs
This package contains the shared libraries from OpenDX.
@@ -66,6 +67,8 @@ Editor, or in the scripting language, you will need this package.
%patch3 -p1 -b .errno
%patch4 -p1 -b .null
%patch5 -p1 -b .magick
+%patch6 -p1 -b .format-security
+
# fix debuginfo rpmlint warnings
chmod a-x src/exec/{dxmods,dpexec,hwrender}/*.{c,h}
@@ -124,6 +127,11 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la
%{_libdir}/lib*.so
%changelog
+* Thu Feb 27 2014 Dominik Mierzejewski <rpm at greysector.net> 4.4.4-32
+- drop ancient Obsoletes (bug #1002099)
+- rebuild to fix bug #925284
+- fix -Werror=format-security errors (bug #1037047)
+
* Mon Aug 12 2013 Dominik Mierzejewski <rpm at greysector.net> 4.4.4-31
- Rebuild against OpenMotif instead of LessTif (should finally fix bug #216160)
More information about the scm-commits
mailing list