[q] - ImageMagick 6.8.8.10-3 rebuild. - Add Patch0: q-7.11-format-security.patch to fix FBFS due to -Wfo

Pavel Alexeev hubbitus at fedoraproject.org
Sun Apr 13 18:13:23 UTC 2014 

commit 49e979cbc353c43637396d51e1ee64208ffff62e
Author: Hubbitus <pahan at hubbitus.info>
Date:   Sun Apr 13 22:13:00 2014 +0400

    - ImageMagick 6.8.8.10-3 rebuild.
    - Add Patch0: q-7.11-format-security.patch to fix FBFS due to -Wformat-security (bz#1037264).

 q-7.11-format-security.patch |  100 ++++++++++++++++++++++++++++++++++++++++++
 q.spec                       |   11 +++-
 2 files changed, 108 insertions(+), 3 deletions(-)
---
diff --git a/q-7.11-format-security.patch b/q-7.11-format-security.patch
new file mode 100644
index 0000000..dc40209
--- /dev/null
+++ b/q-7.11-format-security.patch
@@ -0,0 +1,100 @@
+--- ./modules/clib/system.c.orig	2014-04-13 21:02:16.848951316 +0400
++++ ./modules/clib/system.c	2014-04-13 21:02:46.161439951 +0400
+@@ -6097,7 +6097,7 @@
+   i = 0;
+   while ((f = f_parse_mf())) {
+     if (!addbuf(strlen(f_str))) goto errexit2;
+-    if (sprintf(bufptr, f_str) < 0) goto errexit;
++    if (sprintf(bufptr, "%s", f_str) < 0) goto errexit;
+     bufptr += strlen(bufptr);
+     *s = 0;
+     switch (f) {
+@@ -6112,7 +6112,7 @@
+     bufptr += strlen(bufptr);
+   }
+   if (!addbuf(strlen(f_str))) goto errexit2;
+-  if (sprintf(bufptr, f_str) < 0) goto errexit;
++  if (sprintf(bufptr, "%s", f_str) < 0) goto errexit;
+   bufptr += strlen(bufptr);
+   f_init(NULL);
+   unlock_format();
+--- ./modules/clib/clib.c.orig	2014-04-13 20:59:23.649051758 +0400
++++ ./modules/clib/clib.c	2014-04-13 21:01:42.258375147 +0400
+@@ -2843,7 +2843,7 @@
+   f_init(format);
+   i = 0;
+   while ((f = f_parse_pf())) {
+-    if (fprintf(fp, f_str) < 0) goto errexit;
++    if (fprintf(fp, "%s", f_str) < 0) goto errexit;
+     if (f_var_wd)
+       coerce_int(xs[i++], &wdval);
+     if (f_var_prec)
+@@ -2889,7 +2889,7 @@
+     }
+     if (ret < 0) goto errexit;
+   }
+-  if (fprintf(fp, f_str) < 0) goto errexit;
++  if (fprintf(fp, "%s", f_str) < 0) goto errexit;
+   f_init(NULL);
+   unlock_format();
+   free(format);
+@@ -3115,7 +3115,7 @@
+   i = 0;
+   while ((f = f_parse_pf())) {
+     if (!addbuf(strlen(f_str))) goto errexit2;
+-    if (sprintf(bufptr, f_str) < 0) goto errexit;
++    if (sprintf(bufptr, "%s", f_str) < 0) goto errexit;
+     bufptr += strlen(bufptr);
+     if (f_var_wd)
+       coerce_int(xs[i++], &wdval);
+@@ -3166,7 +3166,7 @@
+     bufptr += strlen(bufptr);
+   }
+   if (!addbuf(strlen(f_str))) goto errexit2;
+-  if (sprintf(bufptr, f_str) < 0) goto errexit;
++  if (sprintf(bufptr, "%s", f_str) < 0) goto errexit;
+   bufptr += strlen(bufptr);
+   f_init(NULL);
+   unlock_format();
+--- ./src/qc.y.orig	2014-04-13 21:13:21.720093215 +0400
++++ ./src/qc.y	2014-04-13 21:13:35.938332366 +0400
+@@ -2116,7 +2116,7 @@
+ 
+ 	if (Vflag) {
+ 		printf(signon, version, sysinfo, year);
+-		printf(copying);
++		printf("%s", copying);
+ 		printf(helpmsg, self);
+ 		exit(0);
+ 	}
+--- ./src/qmparse.y.orig	2014-04-13 21:04:50.440515229 +0400
++++ ./src/qmparse.y	2014-04-13 21:05:12.791889007 +0400
+@@ -2346,7 +2346,7 @@
+   if (!checkbrk) {
+     printf("\n");
+     printf(signon, version, sysinfo, year);
+-    printf(copying);
++    printf("%s", copying);
+   }
+   savepos();
+   return clean();
+--- ./src/q.c.orig	2014-04-13 21:03:27.297126251 +0400
++++ ./src/q.c	2014-04-13 21:04:10.645850139 +0400
+@@ -2228,7 +2228,7 @@
+ 
+   if (Vflag) {
+     printf(signon, version, sysinfo, year);
+-    printf(copying);
++    printf("%s", copying);
+     printf(helpmsg, self);
+     exit(0);
+   }
+@@ -2341,7 +2341,7 @@
+     /* sign-on: */
+     printf(signon, version, sysinfo, year);
+     printf("\n");
+-    printf(terms);
++    printf("%s", terms);
+   }
+ 
+   /* install signal handlers: */
diff --git a/q.spec b/q.spec
index 116ba09..1addd6a 100644
--- a/q.spec
+++ b/q.spec
@@ -1,6 +1,6 @@
 Name: 		q
 Version: 	7.11
-Release: 	17%{?dist}
+Release: 	18%{?dist}
 Summary: 	Equational programming language
 Group: 		Development/Languages
 License: 	GPLv2+
@@ -14,7 +14,8 @@ BuildRequires:	which, zlib-devel, libtool-ltdl-devel, automake
 BuildRequires:  autoconf, libtool, gettext-devel
 Requires(post): /sbin/ldconfig /sbin/install-info
 Requires(postun): /sbin/ldconfig /sbin/install-info
-
+# bz#1037264. Upstream support discontinued according to offsite, so nothing send - just add patch in Fedora.
+Patch0:	q-7.11-format-security.patch
 
 %description
 Q is a powerful and extensible functional programming language based
@@ -76,7 +77,7 @@ Requires:	libtool
 
 %prep
 %setup -q
-#patch0 -p1 -b .AcquireOnePixel
+%patch0 -p0 -b .format-security
 sed -i 's|@libtool@|libtool|' src/Makefile.in
 
 rm -fr libltdl* libtool
@@ -167,6 +168,10 @@ fi
 
 
 %changelog
+* Sun Apr 13 2014 Pavel Alexeev <Pahan at Hubbitus.info> - 7.11-18
+- ImageMagick 6.8.8.10-3 rebuild.
+- Add Patch0: q-7.11-format-security.patch to fix FBFS due to -Wformat-security (bz#1037264).
+
 * Fri Aug  2 2013 Ville Skyttä <ville.skytta at iki.fi> - 7.11-17
 - Use special %%doc to install docs.

More information about the scm-commits mailing list