Source: gpr
Version: 0.15deb-2
Severity: normal
User: [email protected]
Usertags: hardening-format-security hardening

The package gpr fails to compile with the new hardened compiler
flags dpkg-buildflags outputs [0].
The problematic flag is: -Werror=format-security
See the Ubuntu build log:
https://launchpadlibrarian.net/83137720/buildlog_ubuntu-precise-i386.gpr_0.15deb-2_FAILEDTOBUILD.txt.gz
Snippet:
gcc -DHAVE_CONFIG_H -I. -I..   -D_FORTIFY_SOURCE=2 -pthread
-I/usr/include/gtk-2.0 -I/usr/lib/x86_64-linux-gnu/gtk-2.0/include
-I/usr/include/atk-1.0 -I/usr/include/gdk-pixbuf-2.0
-I/usr/include/pango-1.0 -I/usr/include/pixman-1
-I/usr/include/freetype2 -I/usr/include/libpng12 -I/usr/include/cairo
-I/usr/include/gio-unix-2.0/ -I/usr/include/glib-2.0
-I/usr/lib/glib-2.0/include   -g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -Wall -MT gpr-callbacks.o -MD -MP -MF
.deps/gpr-callbacks.Tpo -c -o gpr-callbacks.o `test -f 'callbacks.c' ||
echo './'`callbacks.c
callbacks.c: In function 'set_printer_name':
callbacks.c:517:7: error: format not a string literal and no format
arguments [-Werror=format-security]
callbacks.c:536:7: error: format not a string literal and no format
arguments [-Werror=format-security]
callbacks.c: In function 'warn_constaints':
callbacks.c:875:2: error: format not a string literal and no format
arguments [-Werror=format-security]
callbacks.c: In function 'send_print':
callbacks.c:629:7: warning: ignoring return value of 'fgets', declared
with attribute warn_unused_result [-Wunused-result]
callbacks.c:750:11: warning: ignoring return value of 'system', declared
with attribute warn_unused_result [-Wunused-result]
cc1: some warnings being treated as errors



The build flags are not exported in Debian, but can be enabled e.g. by
adding this to debian/rules:

 DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/buildflags.mk

Please fix the issues and maybe also enable the hardened build in Debian.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
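
Added example, not part of the original report and not gpr's code: the call shape behind "format not a string literal and no format arguments" and its usual fix. The names set_status, show_name, roundtrips and DEMO_UNSAFE and the sample printer name are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical project wrapper (not from gpr). The format attribute makes
 * gcc apply -Wformat-security to callers of this function too, not only to
 * callers of the libc printf family. */
__attribute__((format(printf, 3, 4)))
int set_status(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

#ifdef DEMO_UNSAFE
/* Build with -DDEMO_UNSAFE -Wformat -Werror=format-security to get
 * "format not a string literal and no format arguments" here:
 * the caller-supplied text is used as the format string. */
int show_name_unsafe(char *out, size_t n, const char *name)
{
    return set_status(out, n, name);
}
#endif

/* Fix: constant format string, variable text passed as an argument. */
int show_name(char *out, size_t n, const char *name)
{
    return set_status(out, n, "%s", name);
}

/* Returns 1 if name comes out of show_name() byte for byte. */
int roundtrips(const char *name)
{
    char buf[128];
    int len = show_name(buf, sizeof buf, name);
    return len == (int)strlen(name) && strcmp(buf, name) == 0;
}

int main(void)
{
    /* Constructed sample: a printer name containing '%' directives. */
    puts(roundtrips("lp-%s-%n-100%") ? "copied verbatim" : "mismatch");
    return 0;
}
```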

