Package: boost1.36
Version: 1.36.0-5
Severity: normal
Tags: patch
User: [EMAIL PROTECTED]
Usertags: origin-ubuntu jaunty ubuntu-patch
Hello!
When compiling with -D_FORTIFY_SOURCE=2 and -Wformat-security (as seen
when doing builds with hardening-wrapper[1]), boost1.36 will FTBFS when
it builds the initial tools (since they use -Werror).
The follow patch fixes these issues.
Thanks,
-Kees
[1] http://wiki.debian.org/Hardening
--
Kees Cook @outflux.net
Index: boost1.36-1.36.0/tools/jam/src/compile.c
===================================================================
--- boost1.36-1.36.0.orig/tools/jam/src/compile.c 2008-11-12 23:25:20.000000000 -0800
+++ boost1.36-1.36.0/tools/jam/src/compile.c 2008-11-12 23:25:20.000000000 -0800
@@ -1405,7 +1405,7 @@
i = (level+1)*2;
while ( i > 35 )
{
- printf( indent );
+ printf( "%s", indent );
i -= 35;
}
Index: boost1.36-1.36.0/tools/jam/src/make1.c
===================================================================
--- boost1.36-1.36.0.orig/tools/jam/src/make1.c 2008-11-12 23:26:39.000000000 -0800
+++ boost1.36-1.36.0/tools/jam/src/make1.c 2008-11-12 23:26:47.000000000 -0800
@@ -1018,7 +1018,7 @@
list_sublist( ns, start, chunk ),
list_new( L0, newstr( "%" ) ) );
- printf( cmd->buf );
+ printf( "%s", cmd->buf );
exit( EXITBAD );
}
Index: boost1.36-1.36.0/tools/jam/src/output.c
===================================================================
--- boost1.36-1.36.0.orig/tools/jam/src/output.c 2008-11-12 23:26:58.000000000 -0800
+++ boost1.36-1.36.0/tools/jam/src/output.c 2008-11-12 23:27:25.000000000 -0800
@@ -20,7 +20,7 @@
while ( *data )
{
size_t len = strcspn(data,"\r");
- fwrite(data,len,1,io);
+ do { if (fwrite(data,len,1,io)) {} } while (0);
data += len;
if ( *data == '\r' ) ++data;
}
Index: boost1.36-1.36.0/tools/jam/src/variable.c
===================================================================
--- boost1.36-1.36.0.orig/tools/jam/src/variable.c 2008-11-12 23:27:42.000000000 -0800
+++ boost1.36-1.36.0/tools/jam/src/variable.c 2008-11-12 23:31:49.000000000 -0800
@@ -416,8 +416,18 @@
}
if ( output_0 < output_1 )
{
- if ( out_file ) fwrite(output_0,output_1-output_0,1,out_file);
- if ( out_debug ) fwrite(output_0,output_1-output_0,1,stdout);
+ if ( out_file ) {
+ if ( fwrite(output_0,output_1-output_0,1,out_file) < 1 ) {
+ printf( "failed to write output file!\n" );
+ exit( EXITBAD );
+ }
+ }
+ if ( out_debug ) {
+ if ( fwrite(output_0,output_1-output_0,1,stdout) < 1 ) {
+ printf( "failed to write output to stdout!\n" );
+ exit( EXITBAD );
+ }
+ }
}
output_0 = output_1;
@@ -457,8 +467,18 @@
}
else if ( output_0 < output_1 )
{
- if ( out_file ) fwrite(output_0,output_1-output_0,1,out_file);
- if ( out_debug ) fwrite(output_0,output_1-output_0,1,stdout);
+ if ( out_file ) {
+ if ( fwrite(output_0,output_1-output_0,1,out_file) < 1 ) {
+ printf( "failed to write output file!\n" );
+ exit( EXITBAD );
+ }
+ }
+ if ( out_debug ) {
+ if ( fwrite(output_0,output_1-output_0,1,stdout) < 1 ) {
+ printf( "failed to write output to stdout!\n" );
+ exit( EXITBAD );
+ }
+ }
}
in = output_1;
