[mstflint] Fix FTBFS with -Werror=format-security (#1037207, #1106248)
Yaakov Selkowitz
yselkowitz at fedoraproject.org
Tue Jul 8 03:18:30 UTC 2014
commit 04f7db0c648d70c117d8ebc0dcf5946ed6d2435e
Author: Yaakov Selkowitz <yselkowi at redhat.com>
Date: Fri Jun 20 12:46:12 2014 -0500
Fix FTBFS with -Werror=format-security (#1037207, #1106248)
mstflint-3.0-format-security.patch | 123 ++++++++++++++++++++++++++++++++++++
mstflint.spec | 14 ++--
2 files changed, 130 insertions(+), 7 deletions(-)
---
diff --git a/mstflint-3.0-format-security.patch b/mstflint-3.0-format-security.patch
new file mode 100644
index 0000000..dac9ee8
--- /dev/null
+++ b/mstflint-3.0-format-security.patch
@@ -0,0 +1,123 @@
+--- a/flint/flint.cpp
++++ b/flint/flint.cpp
+@@ -117,7 +117,7 @@ void usage(bool full = false)
+
+
+
+- const char *descr =
++ const char descr[] =
+ #ifdef FOR_MAN
+ ".TH \"flint\" \"\" \"Mar 2013\" \"MFT 3.0.0\" \"Administration\"\n"
+ MAN_SH("NAME")
+@@ -371,7 +371,7 @@ MAN_BR
+
+
+
+- const char* full_descr =
++ const char full_descr[] =
+ "\n"
+ MAN_SS("COMMAND DESCRIPTION")
+ "\n"
+@@ -1747,7 +1747,7 @@ int main(int ac, char *av[])
+ } else {
+ sprintf(curr_ver, "N/A");
+ }
+- printf(curr_ver); printf("\n");
++ printf("%s\n", curr_ver);
+
+ printf(" New FW version: ");
+ if (fileInfo.infoOffs[Operations::II_FwVersion]) {
+@@ -1755,7 +1755,7 @@ int main(int ac, char *av[])
+ } else {
+ sprintf(new_ver, "N/A");
+ }
+- printf(new_ver); printf("\n");
++ printf("%s\n", new_ver);
+
+ print_line_to_log("Current FW version on flash: %s, New FW version: %s\n", curr_ver, new_ver);
+
+--- a/flint/flint_ops.cpp
++++ b/flint/flint_ops.cpp
+@@ -353,7 +353,7 @@ bool Operations::CntxFailSafeBurn(Flash& f,
+ if (pre_message == NULL) {
+ sprintf(message, "Burning FW image without signatures");
+ } else {
+- sprintf(message, pre_message);
++ sprintf(message, "%s", pre_message);
+ }
+ int str_len = strlen(message), restore_len = strlen(RESTORING_MSG);
+ str_len = (restore_len > str_len) ? restore_len : str_len;
+@@ -1602,7 +1602,7 @@ bool Operations::BurnFs3Image(Flash& f, FImage& fim, bool need_report)
+ if (pre_message == NULL) {
+ sprintf(message, "Burning FW image without signatures");
+ } else {
+- sprintf(message, pre_message);
++ sprintf(message, "%s", pre_message);
+ }
+ int str_len = strlen(message), restore_len = strlen(RESTORING_MSG);
+ str_len = (restore_len > str_len) ? restore_len : str_len;
+@@ -2051,7 +2051,7 @@ bool Operations::Verify(FBase& f, Operations::ImageInfo* info, bool both_images,
+
+ bool Operations::GetExpRomVersionWrapper(ImageInfo* info) {
+ if (!GetExpRomVersion(info)) {
+- snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, err());
++ snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, "%s", err());
+ info->expRomErrMsgValid = true;
+ }
+ return true;
+@@ -2288,7 +2288,7 @@ bool Operations::LoadAsExpRom (FBase& f, ImageInfo* info) {
+ info->_rom_sect.clear();
+ info->_rom_sect.resize(f.get_size());
+ if (!f.read(0, &info->_rom_sect[0], f.get_size()))
+- return errmsg(f.err());
++ return errmsg("%s", f.err());
+
+ TOCPUn(&info->_rom_sect[0], info->_rom_sect.size()/4);
+
+@@ -4034,7 +4034,7 @@ bool Operations::CheckDevImageAndRom(FBase& f, ImageInfo& flash_info)
+ {
+ // Common check for the ROM.
+ if (!CheckDevImage(f, flash_info, 1)) {
+- return errmsg(err());
++ return errmsg("%s", err());
+ }
+ if (IsRomEmpty(&flash_info)) {
+ return errmsg("Read ROM failed: The FW does not contain a ROM section");
+@@ -4055,7 +4055,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image
+ // Compine the image and the rom into new daa
+ if(!UpdateRomInImage((u_int8_t*)(&new_data[0]), (u_int8_t*)(fim.getBuf()),
+ (u_int8_t*)(&flashInfo._rom_sect[0]), rom_size, &actual_image_size)) {
+- return errmsg(err());
++ return errmsg("%s", err());
+ }
+
+ // close old image and open new image with the rom.
+@@ -4063,7 +4063,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image
+ fim.open((u_int32_t*)(&new_data[0]), actual_image_size);
+
+ if (!VerifyFs2(fim, &fileInfo, false, false, true) || !QueryAll(fim, &fileInfo)) {
+- return errmsg(err());
++ return errmsg("%s", err());
+ }
+
+ return true;
+--- a/small_utils/mtserver.c
++++ b/small_utils/mtserver.c
+@@ -149,7 +149,7 @@ int port = DEF_PORT; /* Default port */
+ #define FILE_SIZE (NUM_INTS * sizeof(int))
+
+ u_int32_t* cr_space;
+-char sim_str[100] = "\t-i[d] <id> - set the device id.\n";
++const char sim_str[100] = "\t-i[d] <id> - set the device id.\n";
+ int id;
+ int fd;
+ mfile *mopen(const char *name)
+@@ -297,7 +297,7 @@ int unmap_and_close_file(void)
+ }
+ #else
+
+-char sim_str[100] = "";
++const char sim_str[100] = "";
+ int check_id_arg(char* av[], int ac, int *i)
+ {
+ ac = 0;
diff --git a/mstflint.spec b/mstflint.spec
index 230be6a..7cdb784 100644
--- a/mstflint.spec
+++ b/mstflint.spec
@@ -1,12 +1,12 @@
Name: mstflint
Summary: Mellanox firmware burning tool
Version: 3.0
-Release: 0.7.g6961daa.1%{?dist}
+Release: 0.8.g6961daa.1%{?dist}
License: GPLv2+ or BSD
Group: Applications/System
Source: http://www.openfabrics.org/downloads/%{name}/%{name}-%{version}-0.6.g6961daa.tar.gz
+Patch0: mstflint-3.0-format-security.patch
Url: http://www.openfabrics.org
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libstdc++-devel, zlib-devel
Obsoletes: openib-mstflint <= 1.4 openib-tvflash <= 0.9.2 tvflash <= 0.9.0
ExcludeArch: s390 s390x
@@ -17,6 +17,7 @@ It also provides access to the relevant source code.
%prep
%setup -q
+%patch0 -p1
%build
export CFLAGS="$RPM_OPT_FLAGS"
@@ -24,21 +25,20 @@ export CFLAGS="$RPM_OPT_FLAGS"
make
%install
-rm -rf %{buildroot}
make DESTDIR=%{buildroot} install
# Remove the devel files that we don't ship
rm -fr %{buildroot}%{_includedir}
rm -fr %{buildroot}%{_datadir}
-%clean
-rm -rf %{buildroot}
-
%files
-%defattr(-, root, root)
%doc README
%_bindir/*
%changelog
+* Fri Jun 20 2014 Yaakov Selkowitz <yselkowi at redhat.com> - 3.0-0.8.g6961daa.1
+- Fix FTBFS with -Werror=format-security (#1037207, #1106248)
+- Cleanup spec
+
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-0.7.g6961daa.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
More information about the scm-commits
mailing list