From 83d9fdaf710b2edc94257e4c8da376e4de273791 Mon Sep 17 00:00:00 2001 From: Mamoru TASAKA Date: Tue, 3 Dec 2013 16:46:11 +0900 Subject: [PATCH] Support -Werror=format-security --- gnome-commander-1.2.8.5-format-security.patch | 65 +++++++++++++++++++ gnome-commander.spec | 10 ++- 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 gnome-commander-1.2.8.5-format-security.patch diff --git a/gnome-commander-1.2.8.5-format-security.patch b/gnome-commander-1.2.8.5-format-security.patch new file mode 100644 index 0000000..92fa0db --- /dev/null +++ b/gnome-commander-1.2.8.5-format-security.patch @@ -0,0 +1,65 @@ +--- gnome-commander-1.2.8.15/libgcmd/libgcmd-widget-factory.cc.format 2011-12-07 04:10:27.000000000 +0900 ++++ gnome-commander-1.2.8.15/libgcmd/libgcmd-widget-factory.cc 2013-12-03 16:29:16.321596112 +0900 +@@ -652,7 +652,7 @@ create_error_dialog (const gchar *msg, . + va_end (argptr); + + dialog = gtk_message_dialog_new (GTK_WINDOW (main_win_widget), GTK_DIALOG_MODAL, +- GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, string); ++ GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, "%s", msg); + + gtk_signal_connect (GTK_OBJECT (dialog), "response", GTK_SIGNAL_FUNC (on_response), dialog); + +@@ -673,7 +673,7 @@ create_warning_dialog (const gchar *msg, + + dialog = gtk_message_dialog_new ( + GTK_WINDOW (main_win_widget), GTK_DIALOG_MODAL, +- GTK_MESSAGE_WARNING, GTK_BUTTONS_OK, msg); ++ GTK_MESSAGE_WARNING, GTK_BUTTONS_OK, "%s", msg); + + gtk_signal_connect (GTK_OBJECT (dialog), "response", + GTK_SIGNAL_FUNC (on_response), dialog); +--- gnome-commander-1.2.8.15/src/gnome-cmd-prepare-xfer-dialog.cc.format 2011-12-07 04:10:28.000000000 +0900 ++++ gnome-commander-1.2.8.15/src/gnome-cmd-prepare-xfer-dialog.cc 2013-12-03 16:38:54.968433434 +0900 +@@ -192,6 +192,7 @@ static void on_ok (GtkButton *button, Gn + (GtkDialogFlags) 0, + GTK_MESSAGE_QUESTION, + GTK_BUTTONS_OK_CANCEL, ++ "%s", + msg); + gint choice = gtk_dialog_run (GTK_DIALOG (dialog)); + gtk_widget_destroy (dialog); +--- gnome-commander-1.2.8.15/src/utils.cc.format 2011-12-07 04:10:29.000000000 +0900 ++++ gnome-commander-1.2.8.15/src/utils.cc 2013-12-03 16:40:20.887350297 +0900 +@@ -193,7 +193,7 @@ gint run_simple_dialog (GtkWidget *paren + button_titles = convert_varargs_to_name_array (button_title_args); + va_end (button_title_args); + +- dialog = gtk_message_dialog_new (GTK_WINDOW (main_win), GTK_DIALOG_MODAL, msg_type, GTK_BUTTONS_NONE, text); ++ dialog = gtk_message_dialog_new (GTK_WINDOW (main_win), GTK_DIALOG_MODAL, msg_type, GTK_BUTTONS_NONE, "%s", text); + if (title) + gtk_window_set_title (GTK_WINDOW (dialog), title); + +@@ -590,7 +590,7 @@ void mime_exec_single (GnomeCmdFile *f) + { + gchar *msg = g_strdup_printf (_("%s does not know how to open remote file. Do you want to download the file to a temporary location and then open it?"), gnome_cmd_app_get_name (app)); + GtkWidget *dialog = gtk_message_dialog_new (GTK_WINDOW (main_win), GTK_DIALOG_MODAL, +- GTK_MESSAGE_QUESTION, GTK_BUTTONS_YES_NO, msg); ++ GTK_MESSAGE_QUESTION, GTK_BUTTONS_YES_NO, "%s", msg); + TmpDlData *dldata = g_new0 (TmpDlData, 1); + args[0] = (gpointer) app; + // args[2] is NULL here (don't set exec dir for temporarily downloaded files) +--- gnome-commander-1.2.8.15/src/utils.h.format 2011-12-07 04:10:29.000000000 +0900 ++++ gnome-commander-1.2.8.15/src/utils.h 2013-12-03 16:31:38.411012903 +0900 +@@ -256,10 +256,11 @@ inline void gnome_cmd_show_message (GtkW + GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, + GTK_BUTTONS_OK, ++ "%s", + message.c_str()); + + if (secondary_text) +- gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dlg), secondary_text); ++ gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dlg), "%s", secondary_text); + + gtk_dialog_run (GTK_DIALOG (dlg)); + gtk_widget_destroy (dlg); diff --git a/gnome-commander.spec b/gnome-commander.spec index 4130519..bde86a0 100644 --- a/gnome-commander.spec +++ b/gnome-commander.spec @@ -26,7 +26,7 @@ %global use_autotool 0 %global update_po 0 %global if_pre 0 -%global main_release 11 +%global main_release 12 %global extratag git_%{git_pull_JST} %undefine extratag %global mimeedit_rev 1958 @@ -66,6 +66,7 @@ Patch0: gnome-commander-1.2.8.15-gcc47.patch Patch1: gnome-commander-1.2.8.15-poppler024.patch # Patch for libgsf 1.14.26 Patch2: gnome-commander-1.2.8.15-newgsf.patch +Patch3: gnome-commander-1.2.8.5-format-security.patch Patch10: mimeedit-svn1958.diff BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -135,6 +136,7 @@ ansluta till FTP-servrar och SMB-nätverk. %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 %if 0%{use_autotool} > 0 ( export NOCONFIGURE=1 ; sh autogen.sh ) @@ -150,6 +152,9 @@ ansluta till FTP-servrar och SMB-nätverk. # gzip gzip -9 ChangeLog-* +%global optflags_orig %optflags +%global optflags %optflags_orig -Werror=format-security + %build # Install wrapper script, and move binaries to # %%{_libexecdir}/%%{name} @@ -249,6 +254,9 @@ desktop-file-install \ %{_datadir}/pixmaps/%{name}/ %changelog +* Tue Dec 3 2013 Mamoru TASAKA - 3:1.2.8.15-12 +- Support -Werror=format-security + * Sat Aug 24 2013 Mamoru TASAKA - 3:1.2.8.15-11 - Patch to compile with poppler 0.24.0