tag #645300 + patch confirmed upstream
user ubuntu-de...@lists.ubuntu.com
usertag #645300 + ubuntu-patch precise
stop
Hi
Attached debdiff fixes the issue for me and a couple of typos in rules
that I noticed while building tidy; please consider it for Debian and
upstream. (I can't upload it to Ubuntu today, but will likely do so
tomorrow to fix the FTBFS.)
Thanks,
--
Loïc Minier
--- tidy-20091223cvs/debian/rules
+++ tidy-20091223cvs/debian/rules
@@ -12,9 +12,9 @@
build/tidy::
## Generate manpage from tidy output
- LD_LIBRARY_PATH=$(CURDUR)/src/.libs/ \
+
LD_LIBRARY_PATH=$${LD_LIBRARY_PATH:+$$LD_LIBRARY_PATH:}$(CURDIR)/src/.libs/ \
$(CURDIR)/console/tidy -xml-help > $(HELPXML)
- LD_LIBRARY_PATH=$(CURDUR)/src/.libs/ \
+
LD_LIBRARY_PATH=$${LD_LIBRARY_PATH:+$$LD_LIBRARY_PATH:}$(CURDIR)/src/.libs/ \
$(CURDIR)/console/tidy -xml-config > $(CONFIGXML)
/usr/bin/xsltproc -o $(MANPAGE) $(MANXSL) $(HELPXML)
--- tidy-20091223cvs/debian/changelog
+++ tidy-20091223cvs/debian/changelog
@@ -1,3 +1,18 @@
+tidy (20091223cvs-1ubuntu1) precise; urgency=low
+
+ * New patch, 10format-warnings, fixes FTBFS with -Werror=format-security;
+ essentially calls to messageNode() declared printf-alike with a variable
+ fmt string, but no subsequent argument; the patch passes "%s" as format
+ and fmt as the only argument; this merely protects this class of calls,
+ but not the ones with e.g. always one argument or always two arguments.
+ Tested by running tidy on some text and HTML files; warnings still seem to
+ be output correctly; Debian #645300.
+ * Use CURDIR instead of CURDUR in rules.
+ * rules: only append to LD_LIBRARY_PATH, don't reset it, as fakeroot relies
+ on it.
+
+ -- Loïc Minier <loic.min...@ubuntu.com> Wed, 30 Nov 2011 23:26:02 +0100
+
tidy (20091223cvs-1) unstable; urgency=low
* New cvs snapshot
only in patch2:
unchanged:
--- tidy-20091223cvs.orig/debian/patches/10format-warnings.patch
+++ tidy-20091223cvs/debian/patches/10format-warnings.patch
@@ -0,0 +1,57 @@
+diff --git a/src/localize.c b/src/localize.c
+index b832c23..e8c8027 100644
+--- a/src/localize.c
++++ b/src/localize.c
+@@ -1373,14 +1373,14 @@ void TY_(ReportAccessWarning)( TidyDocImpl* doc, Node*
node, uint code )
+ {
+ ctmbstr fmt = GetFormatFromCode(code);
+ doc->badAccess |= BA_WAI;
+- messageNode( doc, TidyAccess, node, fmt );
++ messageNode( doc, TidyAccess, node, "%s", fmt );
+ }
+
+ void TY_(ReportAccessError)( TidyDocImpl* doc, Node* node, uint code )
+ {
+ ctmbstr fmt = GetFormatFromCode(code);
+ doc->badAccess |= BA_WAI;
+- messageNode( doc, TidyAccess, node, fmt );
++ messageNode( doc, TidyAccess, node, "%s", fmt );
+ }
+
+ #endif /* SUPPORT_ACCESSIBILITY_CHECKS */
+@@ -1399,7 +1399,7 @@ void TY_(ReportWarning)(TidyDocImpl* doc, Node *element,
Node *node, uint code)
+ switch (code)
+ {
+ case NESTED_QUOTATION:
+- messageNode(doc, TidyWarning, rpt, fmt);
++ messageNode(doc, TidyWarning, rpt, "%s", fmt);
+ break;
+
+ case OBSOLETE_ELEMENT:
+@@ -1480,7 +1480,7 @@ void TY_(ReportError)(TidyDocImpl* doc, Node *element,
Node *node, uint code)
+ case INCONSISTENT_NAMESPACE:
+ case DOCTYPE_AFTER_TAGS:
+ case DTYPE_NOT_UPPER_CASE:
+- messageNode(doc, TidyWarning, rpt, fmt);
++ messageNode(doc, TidyWarning, rpt, "%s", fmt);
+ break;
+
+ case COERCE_TO_ENDTAG:
+@@ -1499,7 +1499,7 @@ void TY_(ReportError)(TidyDocImpl* doc, Node *element,
Node *node, uint code)
+ case ENCODING_IO_CONFLICT:
+ case MISSING_DOCTYPE:
+ case SPACE_PRECEDING_XMLDECL:
+- messageNode(doc, TidyWarning, node, fmt);
++ messageNode(doc, TidyWarning, node, "%s", fmt);
+ break;
+
+ case TRIM_EMPTY_ELEMENT:
+@@ -1548,7 +1548,7 @@ void TY_(ReportFatal)( TidyDocImpl* doc, Node *element,
Node *node, uint code)
+ {
+ case SUSPECTED_MISSING_QUOTE:
+ case DUPLICATE_FRAMESET:
+- messageNode(doc, TidyError, rpt, fmt);
++ messageNode(doc, TidyError, rpt, "%s", fmt);
+ break;
+
+ case UNKNOWN_ELEMENT:
