Package: cdparanoia
Version: 3.10.2+debian-14
Severity: minor
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch
Dear Maintainer,
In Ubuntu, we found that cdparanoia was not using the distro build
flags. These patches fix this problem, and two FTBFS issues that we saw
as a result.
* Build with distro build flags, and fix resulting FTBFS (LP: #2073149)
- debian/rules: use *_MAINT_APPEND to add to {C,LD}FLAGS
- d/p/fix-format-security-warnings.patch: fix fprintf warnings
- d/p/check-seteuid-and-setegid-return-value.patch: fix unused result
warning
Thanks for considering the patch.
-Nick
diff -Nru
cdparanoia-3.10.2+debian/debian/patches/check-seteuid-and-setegid-return-value.patch
cdparanoia-3.10.2+debian/debian/patches/check-seteuid-and-setegid-return-value.patch
---
cdparanoia-3.10.2+debian/debian/patches/check-seteuid-and-setegid-return-value.patch
1969-12-31 19:00:00.000000000 -0500
+++
cdparanoia-3.10.2+debian/debian/patches/check-seteuid-and-setegid-return-value.patch
2024-07-15 15:17:24.000000000 -0400
@@ -0,0 +1,26 @@
+Description: Do not continue if seteuid or setegid fail
+ This fixes a warning revealed by using distro build flags.
+Author: Nick Rosbrook <en...@ubuntu.com>
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cdparanoia/+bug/2073149
+Forwarded: no
+Last-Update: 2024-07-15
+--- a/main.c
++++ b/main.c
+@@ -1204,8 +1204,15 @@
+ paranoia_seek(p,cursor=first_sector,SEEK_SET);
+
+ /* this is probably a good idea in general */
+- seteuid(getuid());
+- setegid(getgid());
++ if (seteuid(getuid()) < 0) {
++ report("seteuid: %s", strerror(errno));
++ exit(1);
++ }
++
++ if (setegid(getgid()) < 0) {
++ report("setegid: %s", strerror(errno));
++ exit(1);
++ }
+
+ /* we'll need to be able to read one sector past user data if we
+ have a sample offset in order to pick up the last bytes. We
diff -Nru
cdparanoia-3.10.2+debian/debian/patches/fix-format-security-warnings.patch
cdparanoia-3.10.2+debian/debian/patches/fix-format-security-warnings.patch
--- cdparanoia-3.10.2+debian/debian/patches/fix-format-security-warnings.patch
1969-12-31 19:00:00.000000000 -0500
+++ cdparanoia-3.10.2+debian/debian/patches/fix-format-security-warnings.patch
2024-07-15 15:17:24.000000000 -0400
@@ -0,0 +1,20 @@
+Description: Fix format-security warnings about fprintf
+Author: Nick Rosbrook <en...@ubuntu.com>
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cdparanoia/+bug/2073149
+Forwarded: no
+Last-Update: 2024-07-15
+--- a/main.c
++++ b/main.c
+@@ -594,10 +594,10 @@
+ buffer[aheadposition+19]='>';
+ }
+
+- fprintf(stderr,buffer);
++ fprintf(stderr, "%s", buffer);
+
+ if (logfile != NULL && function==-1) {
+- fprintf(logfile,buffer+1);
++ fprintf(logfile, "%s", buffer+1);
+ fprintf(logfile,"\n\n");
+ fflush(logfile);
+ }
diff -Nru cdparanoia-3.10.2+debian/debian/patches/series
cdparanoia-3.10.2+debian/debian/patches/series
--- cdparanoia-3.10.2+debian/debian/patches/series 2021-03-12
23:58:25.000000000 -0500
+++ cdparanoia-3.10.2+debian/debian/patches/series 2024-07-15
15:17:24.000000000 -0400
@@ -7,3 +7,5 @@
07-jpmanfix.patch
cdparanoia-force-progress-bar.diff
0009-dh-autoconf-generate-config-files.patch
+check-seteuid-and-setegid-return-value.patch
+fix-format-security-warnings.patch
diff -Nru cdparanoia-3.10.2+debian/debian/rules
cdparanoia-3.10.2+debian/debian/rules
--- cdparanoia-3.10.2+debian/debian/rules 2021-03-12 23:58:25.000000000
-0500
+++ cdparanoia-3.10.2+debian/debian/rules 2024-07-15 15:17:24.000000000
-0400
@@ -1,7 +1,7 @@
#!/usr/bin/make -f
-export CFLAGS += -fPIC -g
-export LDFLAGS += -fPIC
+export DEB_CFLAGS_MAINT_APPEND = -fPIC -g
+export DEB_LDFLAGS_MAINT_APPEND = -fPIC
%:
dh $@ --no-parallel
