Hi guys.
The attached patch fixes openvas-server compilation with
-Werror=format-security.
Please review it and apply to trunk if acceptable. Also let me know the outcome.
If it is fine I'm pretty happy to say that it now also builds for
Mandriva 2009.1. Only issues I have is that I have to run aclocal &
autoconf for -libraries, -libnasl and -plugins cause it fails with
/home/abuild/rpmbuild/BUILD/openvas-plugins-1.0.7/libtool: line 466:
CDPATH: command not found
/home/abuild/rpmbuild/BUILD/openvas-plugins-1.0.7/libtool: line 1144:
func_opt_split: command not found
libtool: Version mismatch error. This is libtool 2.2.6, but the
libtool: definition of this LT_INIT comes from an older release.
libtool: You should recreate aclocal.m4 with macros from libtool 2.2.6
libtool: and run autoconf again.
make[1]: *** [synscan.nes] Error 63
It would be great if you could fix that by updating your autoconf stuff.
FWIW: Regarding the hardening: Mandriva 2009.1 uses "-z -Wl,relro" so
that's somehow tested now as well.
Regards,
Stephan
Index: openvasd/oval_plugins.c
===================================================================
--- openvasd/oval_plugins.c 2009-08-07 12:23:37.000000000 +0200
+++ openvasd/oval_plugins.c 2009-08-24 22:08:25.000000000 +0200
@@ -858,10 +858,10 @@
if (collected == TRUE)
{
- fprintf (sc_file, collected_objects->str);
+ fprintf (sc_file, "%s", collected_objects->str);
}
- fprintf (sc_file, system_data->str);
+ fprintf (sc_file, "%s", system_data->str);
fprintf (sc_file, "</oval_system_characteristics>\n");
g_string_free (collected_objects, TRUE);
g_string_free (system_data, TRUE);
_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
