[mstflint] Fix FTBFS with -Werror=format-security (#1037207, #1106248)

Yaakov Selkowitz yselkowitz at fedoraproject.org
Tue Jul 8 03:18:30 UTC 2014 

commit 04f7db0c648d70c117d8ebc0dcf5946ed6d2435e
Author: Yaakov Selkowitz <yselkowi at redhat.com>
Date:   Fri Jun 20 12:46:12 2014 -0500

    Fix FTBFS with -Werror=format-security (#1037207, #1106248)

 mstflint-3.0-format-security.patch |  123 ++++++++++++++++++++++++++++++++++++
 mstflint.spec                      |   14 ++--
 2 files changed, 130 insertions(+), 7 deletions(-)
---
diff --git a/mstflint-3.0-format-security.patch b/mstflint-3.0-format-security.patch
new file mode 100644
index 0000000..dac9ee8
--- /dev/null
+++ b/mstflint-3.0-format-security.patch
@@ -0,0 +1,123 @@
+--- a/flint/flint.cpp
++++ b/flint/flint.cpp
+@@ -117,7 +117,7 @@ void usage(bool full = false)
+ 
+ 
+ 
+-    const char *descr =
++    const char descr[] =
+ #ifdef FOR_MAN
+     ".TH \"flint\" \"\" \"Mar 2013\" \"MFT 3.0.0\" \"Administration\"\n"
+     MAN_SH("NAME")
+@@ -371,7 +371,7 @@ MAN_BR
+ 
+ 
+ 
+-    const char* full_descr =
++    const char full_descr[] =
+     "\n"
+     MAN_SS("COMMAND DESCRIPTION")
+     "\n"
+@@ -1747,7 +1747,7 @@ int main(int ac, char *av[])
+                 } else {
+                     sprintf(curr_ver, "N/A");
+                 }
+-                printf(curr_ver); printf("\n");
++                printf("%s\n", curr_ver);
+ 
+                 printf("    New FW version:               ");
+                 if (fileInfo.infoOffs[Operations::II_FwVersion]) {
+@@ -1755,7 +1755,7 @@ int main(int ac, char *av[])
+                 } else {
+                     sprintf(new_ver, "N/A");
+                 }
+-                printf(new_ver); printf("\n");
++                printf("%s\n", new_ver);
+ 
+                 print_line_to_log("Current FW version on flash: %s,  New FW version: %s\n", curr_ver, new_ver);
+ 
+--- a/flint/flint_ops.cpp
++++ b/flint/flint_ops.cpp
+@@ -353,7 +353,7 @@ bool Operations::CntxFailSafeBurn(Flash&    f,
+     if (pre_message == NULL) {
+         sprintf(message, "Burning FW image without signatures");
+     } else {
+-        sprintf(message, pre_message);
++        sprintf(message, "%s", pre_message);
+     }
+     int str_len = strlen(message), restore_len = strlen(RESTORING_MSG);
+     str_len = (restore_len > str_len) ? restore_len : str_len;
+@@ -1602,7 +1602,7 @@ bool Operations::BurnFs3Image(Flash& f, FImage& fim, bool need_report)
+          if (pre_message == NULL) {
+              sprintf(message, "Burning FW image without signatures");
+          } else {
+-             sprintf(message, pre_message);
++             sprintf(message, "%s", pre_message);
+          }
+          int str_len = strlen(message), restore_len = strlen(RESTORING_MSG);
+          str_len = (restore_len > str_len) ? restore_len : str_len;
+@@ -2051,7 +2051,7 @@ bool Operations::Verify(FBase& f, Operations::ImageInfo* info, bool both_images,
+ 
+ bool Operations::GetExpRomVersionWrapper(ImageInfo* info) {
+     if (!GetExpRomVersion(info)) {
+-        snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, err());
++        snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, "%s", err());
+         info->expRomErrMsgValid = true;
+     }
+     return true;
+@@ -2288,7 +2288,7 @@ bool Operations::LoadAsExpRom (FBase& f, ImageInfo* info) {
+     info->_rom_sect.clear();
+     info->_rom_sect.resize(f.get_size());
+     if (!f.read(0, &info->_rom_sect[0], f.get_size()))
+-        return errmsg(f.err());
++        return errmsg("%s", f.err());
+ 
+     TOCPUn(&info->_rom_sect[0], info->_rom_sect.size()/4);
+ 
+@@ -4034,7 +4034,7 @@ bool Operations::CheckDevImageAndRom(FBase& f, ImageInfo& flash_info)
+ {
+     // Common check for the ROM.
+     if (!CheckDevImage(f, flash_info, 1)) {
+-        return errmsg(err());
++        return errmsg("%s", err());
+     }
+     if (IsRomEmpty(&flash_info)) {
+         return errmsg("Read ROM failed: The FW does not contain a ROM section");
+@@ -4055,7 +4055,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image
+     // Compine the image and the rom into new daa
+     if(!UpdateRomInImage((u_int8_t*)(&new_data[0]), (u_int8_t*)(fim.getBuf()),
+                          (u_int8_t*)(&flashInfo._rom_sect[0]), rom_size, &actual_image_size)) {
+-        return errmsg(err());
++        return errmsg("%s", err());
+     }
+ 
+     // close old image and open new image with the rom.
+@@ -4063,7 +4063,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image
+     fim.open((u_int32_t*)(&new_data[0]), actual_image_size);
+ 
+     if (!VerifyFs2(fim, &fileInfo, false, false, true) || !QueryAll(fim, &fileInfo)) {
+-        return errmsg(err());
++        return errmsg("%s", err());
+     }
+ 
+     return true;
+--- a/small_utils/mtserver.c
++++ b/small_utils/mtserver.c
+@@ -149,7 +149,7 @@ int port = DEF_PORT;    /* Default port */
+     #define FILE_SIZE (NUM_INTS * sizeof(int))
+ 
+ u_int32_t* cr_space;
+-char sim_str[100] = "\t-i[d]  <id>   - set the device id.\n";
++const char sim_str[100] = "\t-i[d]  <id>   - set the device id.\n";
+ int id;
+ int fd;
+ mfile *mopen(const char *name)
+@@ -297,7 +297,7 @@ int unmap_and_close_file(void)
+ }
+ #else
+ 
+-char sim_str[100] = "";
++const char sim_str[100] = "";
+ int check_id_arg(char* av[], int ac, int *i)
+ {
+     ac = 0;
diff --git a/mstflint.spec b/mstflint.spec
index 230be6a..7cdb784 100644
--- a/mstflint.spec
+++ b/mstflint.spec
@@ -1,12 +1,12 @@
 Name:		mstflint
 Summary:	Mellanox firmware burning tool
 Version:	3.0
-Release:	0.7.g6961daa.1%{?dist}
+Release:	0.8.g6961daa.1%{?dist}
 License:	GPLv2+ or BSD
 Group:		Applications/System
 Source:		http://www.openfabrics.org/downloads/%{name}/%{name}-%{version}-0.6.g6961daa.tar.gz
+Patch0:		mstflint-3.0-format-security.patch
 Url:		http://www.openfabrics.org
-BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	libstdc++-devel, zlib-devel
 Obsoletes:	openib-mstflint <= 1.4 openib-tvflash <= 0.9.2 tvflash <= 0.9.0
 ExcludeArch:	s390 s390x
@@ -17,6 +17,7 @@ It also provides access to the relevant source code.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS"
@@ -24,21 +25,20 @@ export CFLAGS="$RPM_OPT_FLAGS"
 make
 
 %install
-rm -rf %{buildroot}
 make DESTDIR=%{buildroot} install
 # Remove the devel files that we don't ship
 rm -fr %{buildroot}%{_includedir}
 rm -fr %{buildroot}%{_datadir}
 
-%clean
-rm -rf %{buildroot}
-
 %files
-%defattr(-, root, root)
 %doc README
 %_bindir/*
 
 %changelog
+* Fri Jun 20 2014 Yaakov Selkowitz <yselkowi at redhat.com> - 3.0-0.8.g6961daa.1
+- Fix FTBFS with -Werror=format-security (#1037207, #1106248)
+- Cleanup spec
+
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.0-0.7.g6961daa.1
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

More information about the scm-commits mailing list