Package: flex
Version: 2.5.35-3
Severity: normal
Tags: patch
User: [EMAIL PROTECTED]
Usertags: origin-ubuntu jaunty ubuntu-patch
Hello!
Application that use flex-generated output that are compiled with -O2
-D_FORTIFY_SOURCE=2 will issue warnings (and if using -Werror, will
FTBFS). The warning is due to an unchecked fwrite() call. It does not
appear to actually need to be checked (and doing so sensibly does not
look simple). This patch makes the FORTIFY warning go away.
Thanks,
-Kees
--
Kees Cook @outflux.net
diff -u flex-2.5.35/scan.c flex-2.5.35/scan.c
--- flex-2.5.35/scan.c
+++ flex-2.5.35/scan.c
@@ -2096,7 +2096,7 @@
/* This used to be an fputs(), but since the string might contain NUL's,
* we now use fwrite().
*/
-#define ECHO fwrite( yytext, yyleng, 1, yyout )
+#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} } while (0)
#endif
/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
diff -u flex-2.5.35/flex.skl flex-2.5.35/flex.skl
--- flex-2.5.35/flex.skl
+++ flex-2.5.35/flex.skl
@@ -1075,7 +1075,7 @@
/* This used to be an fputs(), but since the string might contain NUL's,
* we now use fwrite().
*/
-#define ECHO fwrite( yytext, yyleng, 1, yyout )
+#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} } while (0)
%endif
%if-c++-only C++ definition
#define ECHO LexerOutput( yytext, yyleng )
diff -u flex-2.5.35/skel.c flex-2.5.35/skel.c
--- flex-2.5.35/skel.c
+++ flex-2.5.35/skel.c
@@ -1142,7 +1142,7 @@
"/* This used to be an fputs(), but since the string might contain NUL's,",
" * we now use fwrite().",
" */",
- "#define ECHO fwrite( yytext, yyleng, 1, yyout )",
+ "#define ECHO do { if (fwrite( yytext, yyleng, 1, yyout )) {} } while (0)",
"%endif",
"%if-c++-only C++ definition",
"#define ECHO LexerOutput( yytext, yyleng )",
