Your message dated Sun, 21 Feb 2021 21:03:45 +0000
with message-id <e1ldvtj-0006ch...@fasolo.debian.org>
and subject line Bug#980592: fixed in clamav 0.103.0+dfsg-3.1
has caused the Debian Bug report #980592,
regarding clamav: FTBFS: check_jsnorm.c:250:57: error: format not a string
literal and no format arguments [-Werror=format-security]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
980592: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980592
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: clamav
Version: 0.103.0+dfsg-3
Severity: serious
Justification: FTBFS on amd64
Tags: bullseye sid ftbfs
Usertags: ftbfs-20210120 ftbfs-bullseye
Hi,
During a rebuild of all packages in sid, your package failed to build
on amd64.
Relevant part (hopefully):
> gcc -DHAVE_CONFIG_H -I. -I.. -I.. -I../libclamav -I../libclamav
> -I../libclamunrar_iface -pthread -I/usr/include/json-c
> -DSRCDIR=\"/<<PKGBUILDDIR>>/unit_tests\"
> -DOBJDIR=\"/<<PKGBUILDDIR>>/unit_tests\" -Wdate-time -D_FORTIFY_SOURCE=2
> -I/usr/include/libxml2 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=.
> -fstack-protector-strong -Wformat -Werror=format-security -Wall
> -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
> -D_FILE_OFFSET_BITS=64 -c -o check_clamav-check_jsnorm.o `test -f
> 'check_jsnorm.c' || echo './'`check_jsnorm.c
> In file included from check_jsnorm.c:32:
> check_jsnorm.c: In function ‘tokenizer_test’:
> check_jsnorm.c:250:57: error: format not a string literal and no format
> arguments [-Werror=format-security]
> 250 | ck_assert_msg("failed to open output file: %s", filename);
> | ^~~~~~~~
> check_jsnorm.c: In function ‘js_buffer_fn’:
> check_jsnorm.c:408:45: warning: argument to ‘sizeof’ in ‘strncpy’ call is the
> same expression as the source; did you mean to use the size of the
> destination? [-Wsizeof-pointer-memaccess]
> 408 | strncpy(tst + len - sizeof(e), e, sizeof(e));
> | ^
> check_jsnorm.c:412:57: warning: argument to ‘sizeof’ in ‘strncpy’ call is the
> same expression as the source; did you mean to use the size of the
> destination? [-Wsizeof-pointer-memaccess]
> 412 | strncpy(exp + sizeof(s_exp) + len - 2, e_exp, sizeof(e_exp));
> | ^
> In file included from /usr/include/string.h:495,
> from check_jsnorm.c:31:
> In function ‘strncpy’,
> inlined from ‘js_buffer_fn’ at check_jsnorm.c:407:5:
> /usr/include/x86_64-linux-gnu/bits/string_fortified.h:106:10: warning:
> ‘__builtin___strncpy_chk’ output truncated before terminating nul copying as
> many bytes from a string as its length [-Wstringop-truncation]
> 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos
> (__dest));
> |
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> check_jsnorm.c: In function ‘js_buffer_fn’:
> check_jsnorm.c:407:5: note: length computed here
> 407 | strncpy(tst, s, strlen(s));
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~
> cc1: some warnings being treated as errors
> make[4]: *** [Makefile:942: check_clamav-check_jsnorm.o] Error 1
The full build log is available from:
http://qa-logs.debian.net/2021/01/20/clamav_0.103.0+dfsg-3_unstable.log
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
If you reassign this bug to another package, please marking it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects
If you fail to reproduce this, please provide a build log and diff it with me
so that we can identify if something relevant changed in the meantime.
About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.103.0+dfsg-3.1
Done: Sebastian Ramacher <sramac...@debian.org>
We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 980...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sebastian Ramacher <sramac...@debian.org> (supplier of updated clamav package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 Feb 2021 16:00:07 +0100
Source: clamav
Architecture: source
Version: 0.103.0+dfsg-3.1
Distribution: unstable
Urgency: medium
Maintainer: ClamAV Team <pkg-clamav-de...@lists.alioth.debian.org>
Changed-By: Sebastian Ramacher <sramac...@debian.org>
Closes: 980592
Changes:
clamav (0.103.0+dfsg-3.1) unstable; urgency=medium
.
* Non-maintainer upload.
* debian/patches: Apply upstream patch to fix call of ck_assert_msg (Closes:
#980592)
Checksums-Sha1:
8a6aff9ee6aa8c163e69bfebc4c6c9cb16e8489d 2959 clamav_0.103.0+dfsg-3.1.dsc
5d53953bc54d707599e9736dceaaf7d441c64fa2 220712
clamav_0.103.0+dfsg-3.1.debian.tar.xz
Checksums-Sha256:
7fb782b03735e2e69782ada2a0b4c0dd59b489b224540a36b643a83ae5652255 2959
clamav_0.103.0+dfsg-3.1.dsc
00b43e05470744017178e197077cd1ae9308f2528aee79123bf3438b5c2b7c9a 220712
clamav_0.103.0+dfsg-3.1.debian.tar.xz
Files:
9f09b615d961241e0d93a2b827e176f2 2959 utils optional
clamav_0.103.0+dfsg-3.1.dsc
c7bac2c16f7ada61c59142f919f49c0e 220712 utils optional
clamav_0.103.0+dfsg-3.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE94y6B4F7sUmhHTOQafL8UW6nGZMFAmAydzkACgkQafL8UW6n
GZPPPg/+KLCpo63ZMb7dlipsVJ8i6e6yx1XhQD2ZWC1Qdv7nG2lF+47nc3zA3Q9L
2JT/JnJetGelDPsIt6FJP5QRbmMhx4gFuVHGfU6SZclQObuQ4ckav9LYnbmgBIMt
jar54lwWb5LCcOagfyEt7xGg01vVSDVF+SXdDX/64hjvsfhtZn0UHiAdIV2ba55y
qW0xvELKgksZ4Yeor2F6pmx84NMU83RuD1rX6Ncg2jefsIuuZ+nsHi4tCbkbxsWM
ElJikrJaJbPJN0u+1X2greXiuYjwsKOzcd9h23v09fvplV4/qz0icIDLkwVd874v
DP1bfF6UVNgaZR+fZcwT45Xn1P8OTXbTjIiJ9DwsavkKnzXdDWNwY9mgZdUmcsgj
2Jxt6ZmcOT+1QczfgywJetDX1BKvguD+P1Jbv2OdhSyHNhXQI/+frKsg+DPZNXV/
SWIwGsIhR5Mz1SLoiXMymcfPg2XHEqISv00AjR+P2hVfgzcYVGGh6w4tMGouDf7J
Koi6qShbmVIvqZrINLB2U+AkQp35bepGMAu2MhzXGUN+otqn44MAgwg8JY26YplD
EilBPjOORAR0ow4aVtSwU60eKYqtPlbt4GLmJfudWiikt52/zANwYJ5SS+xbyZpt
LZUVlOnFy9KT4uGEw1BYoh72ePYvvPAL7SRIG3ig1iOW0VXiYWo=
=BJGW
-----END PGP SIGNATURE-----
--- End Message ---
