[arch-commits] Commit in java-rxtx/trunk (PKGBUILD rxtx-2.2-format-security.patch)

Antonio Rojas arojas at gemini.archlinux.org
Mon Apr 25 18:54:08 UTC 2022 

    Date: Monday, April 25, 2022 @ 18:54:08
  Author: arojas
Revision: 1190046

CE0BDE71A759A87F23F0F7D8B61DBCE10901C163 key rebuild

Added:
  java-rxtx/trunk/rxtx-2.2-format-security.patch
Modified:
  java-rxtx/trunk/PKGBUILD

--------------------------------+
 PKGBUILD                       |    7 +-
 rxtx-2.2-format-security.patch |  118 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 124 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2022-04-25 18:53:39 UTC (rev 1190045)
+++ PKGBUILD	2022-04-25 18:54:08 UTC (rev 1190046)
@@ -4,7 +4,7 @@
 pkgname=java-rxtx
 _pkgname=rxtx
 pkgver=2.2pre2
-pkgrel=7
+pkgrel=8
 pkgdesc="Java library for serial IO"
 arch=('x86_64')
 url="http://rxtx.qbang.org/"
@@ -18,6 +18,7 @@
         utsrelease.patch
         rxtx-2.2-lock.patch
         rxtx-2.2-fhs_lock.patch
+        rxtx-2.2-format-security.patch
         ttyACM_port.patch
         java10.patch
         java11.patch
@@ -26,6 +27,7 @@
          '2f21ec5eb108f871815242698b6150f1'
          '1f7c43d582bfe9daea22d7f7057436da'
          'f4d22d263f45cd1d4db6242dd0ac78ae'
+         '32094214422b717a31841146ca78400d'
          '903a3fe0067d0682dd5f64483c741df6'
          '683dd95e6e419b2b63851c08ede7ca86'
          '1db5c64e239c80294d00c932237889dd'
@@ -55,6 +57,9 @@
   # Fix undefined symbol
   patch -Np1 -i ../rxtx-2.2-undefined_symbol.patch
 
+  # Fix format-security errors
+  patch -p1 -i ../rxtx-2.2-format-security.patch
+
   rm *.m4
   autoreconf -fi
 }

Added: rxtx-2.2-format-security.patch
===================================================================
--- rxtx-2.2-format-security.patch	                        (rev 0)
+++ rxtx-2.2-format-security.patch	2022-04-25 18:54:08 UTC (rev 1190046)
@@ -0,0 +1,118 @@
+Debian patch for fixing errors emitted due to -Werror=format-security.
+The patch can be found at:
+https://salsa.debian.org/java-team/rxtx/-/blob/6500bd55f265de7d2dfef68dc1df5d8b990f66c3/debian/patches/format_security.patch
+
+Bug: https://bugs.gentoo.org/550534
+
+---
+From: tony mancill <tmancill at debian.org>
+Forwarded: no
+Description: use format specifiers in fprintf statements for hardening flags
+
+--- a/src/SerialImp.c
++++ b/src/SerialImp.c
+@@ -5108,7 +5108,7 @@
+ void report_warning(const char *msg)
+ {
+ #ifndef DEBUG_MW
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #else
+ 	mexWarnMsgTxt( (const char *) msg );
+ #endif /* DEBUG_MW */
+@@ -5129,7 +5129,7 @@
+ #ifdef DEBUG_MW
+ 	mexErrMsgTxt( msg );
+ #else
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #endif /* DEBUG_MW */
+ #endif /* DEBUG_VERBOSE */
+ }
+@@ -5145,7 +5145,7 @@
+ void report_error(const char *msg)
+ {
+ #ifndef DEBUG_MW
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #else
+ 	mexWarnMsgTxt( msg );
+ #endif /* DEBUG_MW */
+@@ -5164,7 +5164,7 @@
+ {
+ #ifdef DEBUG
+ #	ifndef DEBUG_MW
+-		fprintf(stderr, msg);
++		fprintf(stderr, "%s", msg);
+ #	else
+ 		mexPrintf( msg );
+ #	endif /* DEBUG_MW */
+--- a/src/ParallelImp.c
++++ b/src/ParallelImp.c
+@@ -920,7 +920,7 @@
+ void report_error(char *msg)
+ {
+ #ifndef DEBUG_MW
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #else
+ 	mexWarnMsgTxt( msg );
+ #endif /* DEBUG_MW */
+@@ -938,7 +938,7 @@
+ void report(char *msg)
+ {
+ #ifdef DEBUG
+-        fprintf(stderr, msg);
++        fprintf(stderr, "%s", msg);
+ #endif /* DEBUG */
+ }
+ 
+--- a/src/SerialImp.cpp
++++ b/src/SerialImp.cpp
+@@ -1844,7 +1844,7 @@
+ 
+ 
+ #ifdef DEBUG
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #endif
+ }
+ 
+--- a/CNI/SerialImp.c
++++ b/CNI/SerialImp.c
+@@ -4549,7 +4549,7 @@
+ void report_warning(char *msg)
+ {
+ #ifndef DEBUG_MW
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #else
+ 	mexWarnMsgTxt( (const char *) msg );
+ #endif /* DEBUG_MW */
+@@ -4570,7 +4570,7 @@
+ #ifdef DEBUG_MW
+ 	mexErrMsgTxt( msg );
+ #else
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #endif /* DEBUG_MW */
+ #endif /* DEBUG_VERBOSE */
+ }
+@@ -4586,7 +4586,7 @@
+ void report_error(char *msg)
+ {
+ #ifndef DEBUG_MW
+-	fprintf(stderr, msg);
++	fprintf(stderr, "%s", msg);
+ #else
+ 	mexWarnMsgTxt( msg );
+ #endif /* DEBUG_MW */
+@@ -4605,7 +4605,7 @@
+ {
+ #ifdef DEBUG
+ #	ifndef DEBUG_MW
+-		fprintf(stderr, msg);
++		fprintf(stderr, "%s", msg);
+ #	else
+ 		mexPrintf( msg );
+ #	endif /* DEBUG_MW */

More information about the arch-commits mailing list