Bug#1066033: RFS: galvani/0.34-1 [ITP] -- reads data from a device with graphical plots and evaluation

Tue, 26 Mar 2024 10:33:38 -0700 

On 2024-03-26, at 17:20:10 +0100, Dr. Burkard Lutz wrote:
> Am Samstag, dem 16.03.2024 um 11:06 +0100 schrieb Bastian Germann:
> > On Mon, 11 Mar 2024 14:20:25 +0100 "Dr. Burkard Lutz"
> > <b.l...@online.de> wrote:
> > > Changes for the initial release:
> > > 
> > >  galvani (0.34-1) unstable; urgency=medium
> > >  .
> > >    * Initial release.
> > 
> > You are not referring to any ITP. Please file one on the wnpp pseudo
> > package.
> > 
> > > 
> > > My /debian/rules contains:
> > > export DEB_BUILD_MAINT_OPTIONS = hardening=+all
> > > 
> > > Nevertheless I always get the lintian error "hardening-no-fortify-
> > > functions"
> > > How can I fix that?
> > 
> > By making sure that LDFLAGS, CPPFLAGS and CFLAGS set by dpkg are used
> > in to your build.
> > 
> I uploaded a new version to mentors.debian.net/package/galvani.
> Changes since the last upload:
> - ITP (wnpp): (Closes: #1067096)
> - debian/upstream: added sining-key-asc
> - debian/upstream/metadata: added repository:
> https://gitlab.com/b.lutz1/galvani
> - debian/control: added homepage field
> - new debian/copyright
> - new debian/watch
> - debian/rules: added dpkg-buildflags
> 
> I tried to fix the linitan error "hardening-no-fortify-functions"
> I'm using anjuta as IDE. In the project options I added CFLAGS,
> CPPFLAGS, CXXFLAGS and LDFLAGS (output of dpkg-buildflags). 
> My debian/rules is now:
> ---------------------------------------
> #!/usr/bin/make -f
> 
> LDFLAGS  :=$(shell dpkg-buildflags --get LDFLAGS)
> 
> export DH_VERBOSE = 1
> 
> export DEB_BUILD_MAINT_OPTIONS = hardening=+all
> 
> export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
> 
> export DEB_LDFLAGS_MAINT_APPEND = -lstdc++fs
> 
> DPKG_EXPORT_BUILDFLAGS = 1
> include /usr/share/dpkg/buildflags.mk
> CFLAGS += $(CPPFLAGS)
> 
> %:
>       dh $@ --with autoreconf
> ----------------------------------------
> But I got still the same linitan error.
> What is wrong and what can I do to fix the error?

The following should suffice:

  export DH_VERBOSE = 1
  export DEB_BUILD_MAINT_OPTIONS = hardening=+all
  export DEB_LDFLAGS_MAINT_APPEND = -lstdc++fs

  %:
          dh $@ --with autoreconf

Running the build one can see:

  g++ [...] -D_FORTIFY_SOURCE=2 [...]

so the right argument is being passed to the compiler.  There is a list
of the functions that are fortified here:

  https://www.gnu.org/software/libc/manual/html_node/Source-Fortification.html

Does the software use any of these?  If not, this is a false positive.

J.

Attachment: signature.asc
Description: PGP signature

Reply via email to