From 7b76a1ba00cc0fa95ba1b74d35d6efbac889ec9f Mon Sep 17 00:00:00 2001 From: Frantisek Kluknavsky Date: Dec 05 2013 10:38:30 +0000 Subject: fixed -Werror=format-security violations --- diff --git a/cdrdao-1.2.3-format_security.patch b/cdrdao-1.2.3-format_security.patch new file mode 100644 index 0000000..cba986c --- /dev/null +++ b/cdrdao-1.2.3-format_security.patch @@ -0,0 +1,57 @@ +diff -up wrk/pccts/antlr/fset2.c.wrk wrk/pccts/antlr/fset2.c +--- wrk/pccts/antlr/fset2.c.wrk 2013-12-05 11:33:33.561962126 +0100 ++++ wrk/pccts/antlr/fset2.c 2013-12-05 11:33:52.009105807 +0100 +@@ -2210,7 +2210,7 @@ void MR_backTraceReport() + if (p->ntype != nToken) continue; + tn=(TokNode *)p; + if (depth != 0) fprintf(stdout," "); +- fprintf(stdout,TerminalString(tn->token)); ++ fprintf(stdout,"%s",TerminalString(tn->token)); + depth++; + if (! MR_AmbAidMultiple) { + if (set_nil(tn->tset)) { +diff -up wrk/pccts/antlr/gen.c.wrk wrk/pccts/antlr/gen.c +--- wrk/pccts/antlr/gen.c.wrk 2013-12-05 11:26:36.384714088 +0100 ++++ wrk/pccts/antlr/gen.c 2013-12-05 11:29:41.894158536 +0100 +@@ -3866,7 +3866,7 @@ int file; + /* MR10 */ _gen(" * "); + /* MR10 */ for (i=0 ; i < Save_argc ; i++) { + /* MR10 */ _gen(" "); +-/* MR10 */ _gen(Save_argv[i]); ++/* MR10 */ _gen1("%s",Save_argv[i]); + /* MR10 */ }; + _gen("\n"); + _gen(" *\n"); +diff -up wrk/pccts/antlr/lex.c.wrk wrk/pccts/antlr/lex.c +--- wrk/pccts/antlr/lex.c.wrk 2013-12-05 11:15:51.912722340 +0100 ++++ wrk/pccts/antlr/lex.c 2013-12-05 11:19:04.039210441 +0100 +@@ -706,7 +706,7 @@ FILE *output; + /* MR26 */ if (! (isalpha(*t) || isdigit(*t) || *t == '_' || *t == '$')) break; + /* MR26 */ } + /* MR26 */ } +-/* MR26 */ fprintf(output,strBetween(pSymbol, t, pSeparator)); ++/* MR26 */ fprintf(output,"%s",strBetween(pSymbol, t, pSeparator)); + + *q = p; + return (*pSeparator == 0); +@@ -771,7 +771,7 @@ FILE *f; + &pValue, + &pSeparator, + &nest); +- fprintf(f,strBetween(pDataType, pSymbol, pSeparator)); ++ fprintf(f,"%s",strBetween(pDataType, pSymbol, pSeparator)); + } + + /* check to see if string e is a word in string s */ +@@ -852,9 +852,9 @@ int i; + &pSeparator, + &nest); + fprintf(f,"\t"); +- fprintf(f,strBetween(pDataType, pSymbol, pSeparator)); ++ fprintf(f,"%s",strBetween(pDataType, pSymbol, pSeparator)); + fprintf(f," "); +- fprintf(f,strBetween(pSymbol, pEqualSign, pSeparator)); ++ fprintf(f,"%s",strBetween(pSymbol, pEqualSign, pSeparator)); + fprintf(f,";\n"); + } + fprintf(f,"};\n"); diff --git a/cdrdao.spec b/cdrdao.spec index f3ee859..7f768b3 100644 --- a/cdrdao.spec +++ b/cdrdao.spec @@ -1,7 +1,7 @@ Summary: Writes audio CD-Rs in disk-at-once (DAO) mode Name: cdrdao Version: 1.2.3 -Release: 20%{?dist} +Release: 21%{?dist} License: GPLv2+ Group: Applications/Multimedia URL: http://cdrdao.sourceforge.net/ @@ -22,6 +22,7 @@ ExcludeArch: s390 s390x # Missing includes causes failure build Patch1: cdrdao-1.2.3-stat.patch Patch2: cdrdao-1.2.3-helpmansync.patch +Patch3: cdrdao-1.2.3-format_security.patch %description Cdrdao records audio CD-Rs in disk-at-once (DAO) mode, based on a @@ -35,6 +36,7 @@ of pre-gaps, the pause areas between tracks. %setup -q %patch1 -p1 -b .stat %patch2 -p1 -b .helpmansync +%patch3 -p1 -b .format_security %build #run autoreconf to support aarch64 @@ -66,6 +68,9 @@ find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';' %changelog +* Thu Dec 05 2013 Frantisek Kluknavsky - 1.2.3-21 +- fixed -Werror=format-security violations + * Sat Aug 03 2013 Fedora Release Engineering - 1.2.3-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild