From 21f0493147449c28185a42708a0fb3d374433940 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 1 Feb 2014 09:11:30 -0700 Subject: [PATCH] Fix build with -Werror=format-security (bug #1037120) --- hdf-format.patch | 561 +++++++++++++++++++++++++++++++++++++++++++++++ hdf.spec | 9 +- 2 files changed, 569 insertions(+), 1 deletion(-) create mode 100644 hdf-format.patch diff --git a/hdf-format.patch b/hdf-format.patch new file mode 100644 index 0000000..8c10f76 --- /dev/null +++ b/hdf-format.patch @@ -0,0 +1,561 @@ +diff -up hdf-4.2.9/hdf/util/hdf2gif.c.format hdf-4.2.9/hdf/util/hdf2gif.c +--- hdf-4.2.9/hdf/util/hdf2gif.c.format 2013-02-07 21:44:54.000000000 -0700 ++++ hdf-4.2.9/hdf/util/hdf2gif.c 2014-01-31 22:49:26.533838223 -0700 +@@ -143,7 +143,7 @@ int main(int argc , char **argv) { + if(file_id == -1) { + printf("Unable to open HDF file"); + status = HEvalue(1); +- printf(HEstring(status)); ++ printf("%s",HEstring(status)); + exit(0); + } + +@@ -162,7 +162,7 @@ int main(int argc , char **argv) { + + if ((status = GRfileinfo(gr_id , &n_images , &n_fileattributes)) == -1) { + status = HEvalue(1); +- printf(HEstring(status)); ++ printf("%s",HEstring(status)); + exit(0); + } + +diff -up hdf-4.2.9/hdf/util/writehdf.c.format hdf-4.2.9/hdf/util/writehdf.c +--- hdf-4.2.9/hdf/util/writehdf.c.format 2013-02-07 21:44:54.000000000 -0700 ++++ hdf-4.2.9/hdf/util/writehdf.c 2014-01-31 22:38:49.331653168 -0700 +@@ -77,13 +77,13 @@ char *GIFFileName; + if(file_id == -1) { + printf("Unable to create HDF file"); + status = HEvalue(1); +- printf(HEstring(status)); ++ printf("%s",HEstring(status)); + exit(0); + } + + if ((status = Vstart(file_id)) == -1) { + printf("Could not start VGroup interface\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + exit(-1); + } + +@@ -99,7 +99,7 @@ char *GIFFileName; + status = Vsetattr (vgroup_id, "Global Palette" , DFNT_UINT8, 3 * gifHead.TableSize , (VOIDP)gifHead.HDFPalette); + if (status) { + printf("Could not add global palette.\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + } + } + for (i = 0 ; i < CommentCount ; i++) { +@@ -144,14 +144,14 @@ char *GIFFileName; + /* GRSetCompress */ + if ((status = GRsetcompress(ri_id, comp_type, &c_info)) == -1) { + printf("Error occured while setting compression\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + exit(-1); + } + + /* Write the GR Image */ + if ((status = GRwriteimage(ri_id, start, NULL, edges, (VOIDP)gifImageDesc.Image)) == -1) { + printf("Error occured while trying to write GR image\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + exit(-1); + } + +@@ -160,7 +160,7 @@ char *GIFFileName; + + if ((status = GRwritelut (pal_id , 3, DFNT_UINT8, interlace_mode, 256, (VOIDP)gifImageDesc.HDFPalette)) == -1) { + printf("Could not write palette\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + exit(-1); + } + +@@ -169,7 +169,7 @@ char *GIFFileName; + + if ((status = GRendaccess(ri_id)) == -1) { + printf("Could not terminate GR access\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + exit(-1); + } + +@@ -178,7 +178,7 @@ char *GIFFileName; + /* Adding GR to vgroup */ + if((status = Vaddtagref(vgroup_id,(int32)1965,gr_ref))==-1) { + printf("Could not add tag to Vgroup"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + } + + +@@ -187,28 +187,28 @@ char *GIFFileName; + /* Terminate GR access */ + if ((status = GRend (gr_id))==-1) { + printf("Could not end GR access\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + printf("Trying to continue (file may be corrupt)...\n"); + } + + /* Terminate access to the VGroup */ + if ((status = Vdetach(vgroup_id))==-1) { + printf("Could not detach Vgroup\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + printf("Trying to continure (file may be corrupt)...\n"); + } + + /* Terminate access to the V interface */ + if ((status = Vend(file_id))==-1) { + printf("Could not end VGroup access\n"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + printf("Trying to continure (file may be corrupt)... \n"); + } + + /* Close the HDF file */ + if ((status = Hclose (file_id))==-1) { + printf("Could not close HDF file. Fatal Error"); +- printf(HEstring(HEvalue(1))); ++ printf("%s",HEstring(HEvalue(1))); + return(-1); + } + return(0); +diff -up hdf-4.2.9/mfhdf/hdfimport/hdfimport.c.format hdf-4.2.9/mfhdf/hdfimport/hdfimport.c +--- hdf-4.2.9/mfhdf/hdfimport/hdfimport.c.format 2013-02-07 21:44:45.000000000 -0700 ++++ hdf-4.2.9/mfhdf/hdfimport/hdfimport.c 2014-02-01 08:54:54.512707178 -0700 +@@ -628,7 +628,7 @@ main(int argc, char *argv[]) + break; + case ERR: /* command syntax error */ + default: +- (void) fprintf(stderr, err2); ++ (void) fprintf(stderr, "%s", err2); + usage(argv[0]); + goto err; + } +@@ -639,7 +639,7 @@ main(int argc, char *argv[]) + */ + if (!outfile_named) + { +- (void) fprintf(stderr, err3); ++ (void) fprintf(stderr, "%s", err3); + usage(argv[0]); + goto err; + } +@@ -656,7 +656,7 @@ main(int argc, char *argv[]) + return(0); + + err: +- (void) fprintf(stderr, err4); ++ (void) fprintf(stderr, "%s", err4); + return(1); + } + +@@ -960,7 +960,7 @@ gdimen(struct infilesformat infile_info, + sds_name = (char *)HDmalloc(name_len+1); + if (sds_name == NULL) + { +- (void) fprintf(stderr, err6); ++ (void) fprintf(stderr, "%s", err6); + goto err; + } + +@@ -2227,7 +2227,7 @@ indexes(float32 *scale, int dim, int *id + */ + if ((midpt = (float32 *) HDmalloc((size_t) dim * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + for (i = 0; i < dim - 1; i++) +@@ -2329,13 +2329,13 @@ interp(struct Input *in, struct Raster * + */ + if ((hratio = (float32 *) HDmalloc((size_t) im->hres * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((vratio = (float32 *) HDmalloc((unsigned int) im->vres * + sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -2343,7 +2343,7 @@ interp(struct Input *in, struct Raster * + if ((dratio = (float32 *) HDmalloc((unsigned int) im->dres * + sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -2355,13 +2355,13 @@ interp(struct Input *in, struct Raster * + if ((hinc = (int *) HDmalloc((unsigned int) im->hres * + sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((voff = (int *) HDmalloc((unsigned int) (im->vres + 1) * + sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -2369,7 +2369,7 @@ interp(struct Input *in, struct Raster * + if ((doff = (int *) HDmalloc((unsigned int) (im->dres + 1) * + sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -2640,7 +2640,7 @@ palette(char *palfile) + */ + if (DFR8setpalette(pal)) + { +- (void) fprintf(stderr, err3); ++ (void) fprintf(stderr, "%s", err3); + goto err; + } + +@@ -2681,7 +2681,7 @@ pixrep(struct Input *in, struct Raster * + */ + if ((hidx = (int *) HDmalloc((unsigned int) (im->hres + 1) * sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + +@@ -2694,7 +2694,7 @@ pixrep(struct Input *in, struct Raster * + if ((vidx = (int *) HDmalloc((unsigned int) (im->vres + 1) * + sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + +@@ -2711,7 +2711,7 @@ pixrep(struct Input *in, struct Raster * + if ((didx = (int *) HDmalloc((unsigned int) (im->dres + 1) * + sizeof(int))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + +@@ -2725,7 +2725,7 @@ pixrep(struct Input *in, struct Raster * + if ((pix = (unsigned char *) HDmalloc((unsigned int) (in->dims[0] + 1))) == + NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + for (k = 0, odidx = didx[0] - 1; k < im->dres; k++) +@@ -2842,35 +2842,35 @@ alloc_data(VOIDP *data, int32 len, int o + case 5: /* NO_NE */ + if ((*data = (VOIDP) HDmalloc((size_t) len * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, alloc_err); ++ (void) fprintf(stderr, "%s", alloc_err); + return FAIL; + } + break; + case 1: /* 64-bit float */ + if ((*data = (VOIDP) HDmalloc((size_t) len * sizeof(float64))) == NULL) + { +- (void) fprintf(stderr, alloc_err); ++ (void) fprintf(stderr, "%s", alloc_err); + return FAIL; + } + break; + case 2: /* 32-bit integer */ + if ((*data = (VOIDP) HDmalloc((size_t) len * sizeof(int32))) == NULL) + { +- (void) fprintf(stderr, alloc_err); ++ (void) fprintf(stderr, "%s", alloc_err); + return FAIL; + } + break; + case 3: /* 16-bit integer */ + if ((*data = (VOIDP) HDmalloc((size_t) len * sizeof(int16))) == NULL) + { +- (void) fprintf(stderr, alloc_err); ++ (void) fprintf(stderr, "%s", alloc_err); + return FAIL; + } + break; + case 4: /* 8-bit integer */ + if ((*data = (VOIDP) HDmalloc((size_t) len * sizeof(int8))) == NULL) + { +- (void) fprintf(stderr, alloc_err); ++ (void) fprintf(stderr, "%s", alloc_err); + return FAIL; + } + break; +@@ -2901,7 +2901,7 @@ write_SDS(int32 sds_id, struct Input *in + start[1] = 0; + if (SDwritedata(sds_id, start, NULL, edges, (VOIDP)in->data) != 0) + { +- (void) fprintf(stderr, write_err); ++ (void) fprintf(stderr, "%s", write_err); + return FAIL; + } + } +@@ -2916,7 +2916,7 @@ write_SDS(int32 sds_id, struct Input *in + start[2] = 0; + if (SDwritedata(sds_id, start, NULL, edges, (VOIDP)in->data) != 0) + { +- (void) fprintf(stderr, write_err); ++ (void) fprintf(stderr, "%s", write_err); + return FAIL; + } + } +@@ -3163,7 +3163,7 @@ process(struct Options *opt) + /* set range */ + if (SDsetrange(sds_id, &in.max, &in.min)!=0) + { +- (void) fprintf(stderr, err5a); ++ (void) fprintf(stderr, "%s", err5a); + goto err; + } + +@@ -3191,7 +3191,7 @@ process(struct Options *opt) + /* set range */ + if (SDsetrange(sds_id, &in.fp64s.max, &in.fp64s.min)!=0) + { +- (void) fprintf(stderr, err5a); ++ (void) fprintf(stderr, "%s", err5a); + goto err; + } + +@@ -3220,7 +3220,7 @@ process(struct Options *opt) + /* set range */ + if (SDsetrange(sds_id, &in.in32s.max, &in.in32s.min)!=0) + { +- (void) fprintf(stderr, err5a); ++ (void) fprintf(stderr, "%s", err5a); + goto err; + } + +@@ -3248,7 +3248,7 @@ process(struct Options *opt) + /* set range */ + if (SDsetrange(sds_id, &in.in16s.max, &in.in16s.min)!=0) + { +- (void) fprintf(stderr, err5a); ++ (void) fprintf(stderr, "%s", err5a); + goto err; + } + +@@ -3276,7 +3276,7 @@ process(struct Options *opt) + /* set range */ + if (SDsetrange(sds_id, &in.in8s.max, &in.in8s.min)!=0) + { +- (void) fprintf(stderr, err5a); ++ (void) fprintf(stderr, "%s", err5a); + goto err; + } + +@@ -3296,7 +3296,7 @@ process(struct Options *opt) + /* close data set */ + if (SDendaccess(sds_id) == FAIL ) + { +- (void) fprintf(stderr, err6a); ++ (void) fprintf(stderr, "%s", err6a); + goto err; + } + +@@ -3322,7 +3322,7 @@ process(struct Options *opt) + im.hres = (opt->hres == 0) ? in.dims[0] : opt->hres; + if ((im.hres < in.dims[0]) && (opt->ctm == EXPAND)) + { +- (void) fprintf(stderr, err3a); ++ (void) fprintf(stderr, "%s", err3a); + (void) fprintf(stderr, err3b, "Horiz."); + (void) fprintf(stderr, err3c, "horiz."); + (void) fprintf(stderr, err3d, in.dims[0]); +@@ -3332,7 +3332,7 @@ process(struct Options *opt) + im.vres = (opt->vres == 0) ? in.dims[1] : opt->vres; + if ((im.vres < in.dims[1]) && (opt->ctm == EXPAND)) + { +- (void) fprintf(stderr, err3a); ++ (void) fprintf(stderr, "%s", err3a); + (void) fprintf(stderr, err3b, "Vert."); + (void) fprintf(stderr, err3c, "vert."); + (void) fprintf(stderr, err3d, in.dims[1]); +@@ -3347,7 +3347,7 @@ process(struct Options *opt) + if ((im.dres < in.dims[2]) && + (opt->ctm == EXPAND)) + { +- (void) fprintf(stderr, err3a); ++ (void) fprintf(stderr, "%s", err3a); + (void) fprintf(stderr, err3b, "Depth"); + (void) fprintf(stderr, err3c, "depth"); + (void) fprintf(stderr, err3d, +@@ -3359,7 +3359,7 @@ process(struct Options *opt) + len = im.hres * im.vres * im.dres; + if ((im.image = (unsigned char *) HDmalloc((unsigned int) len)) == NULL) + { +- (void) fprintf(stderr, err2); ++ (void) fprintf(stderr, "%s", err2); + goto err; + } + +@@ -3389,7 +3389,7 @@ process(struct Options *opt) + if (DFR8addimage(opt->outfile, ip, im.hres, + im.vres, DFTAG_RLE)) + { +- (void) fprintf(stderr, err4); ++ (void) fprintf(stderr, "%s", err4); + goto err; + } + } +@@ -3430,7 +3430,7 @@ process(struct Options *opt) + /* close the output file */ + if (SDend (sd_id) != 0) + { +- (void) fprintf(stderr, err6); ++ (void) fprintf(stderr, "%s", err6); + goto err; + } + +@@ -3519,13 +3519,13 @@ static int init_scales(struct Input * in + if ((in->hscale = (float32 *) HDmalloc((size_t) + (in->dims[0] + 1) * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((in->vscale = (float32 *) HDmalloc((size_t) + (in->dims[1] + 1) * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -3533,7 +3533,7 @@ static int init_scales(struct Input * in + if ((in->dscale = (float32 *) HDmalloc((size_t) + (in->dims[2] + 1) * sizeof(float32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -3544,13 +3544,13 @@ static int init_scales(struct Input * in + if ((in->fp64s.hscale = (float64 *) HDmalloc((size_t) + (in->dims[0] + 1) * sizeof(float64))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((in->fp64s.vscale = (float64 *) HDmalloc((size_t) + (in->dims[1] + 1) * sizeof(float64))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -3558,7 +3558,7 @@ static int init_scales(struct Input * in + if ((in->fp64s.dscale = (float64 *) HDmalloc((size_t) + (in->dims[2] + 1) * sizeof(float64))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -3567,13 +3567,13 @@ static int init_scales(struct Input * in + if ((in->in32s.hscale = (int32 *) HDmalloc((size_t) + (in->dims[0] + 1) * sizeof(int32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((in->in32s.vscale = (int32 *) HDmalloc((size_t) + (in->dims[1] + 1) * sizeof(int32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -3581,7 +3581,7 @@ static int init_scales(struct Input * in + if ((in->in32s.dscale = (int32 *) HDmalloc((size_t) + (in->dims[2] + 1) * sizeof(int32))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -3591,13 +3591,13 @@ static int init_scales(struct Input * in + if ((in->in16s.hscale = (int16 *) HDmalloc((size_t) + (in->dims[0] + 1) * sizeof(int16))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((in->in16s.vscale = (int16 *) HDmalloc((size_t) + (in->dims[1] + 1) * sizeof(int16))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -3605,7 +3605,7 @@ static int init_scales(struct Input * in + if ((in->in16s.dscale = (int16 *) HDmalloc((size_t) + (in->dims[2] + 1) * sizeof(int16))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } +@@ -3615,13 +3615,13 @@ static int init_scales(struct Input * in + if ((in->in8s.hscale = (int8 *) HDmalloc((size_t) + (in->dims[0] + 1) * sizeof(int8))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if ((in->in8s.vscale = (int8 *) HDmalloc((size_t) + (in->dims[1] + 1) * sizeof(int8))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + if (in->rank == 3) +@@ -3629,7 +3629,7 @@ static int init_scales(struct Input * in + if ((in->in8s.dscale = (int8 *) HDmalloc((size_t) + (in->dims[2] + 1) * sizeof(int8))) == NULL) + { +- (void) fprintf(stderr, err1); ++ (void) fprintf(stderr, "%s", err1); + goto err; + } + } diff --git a/hdf.spec b/hdf.spec index a4e5335..2953700 100644 --- a/hdf.spec +++ b/hdf.spec @@ -1,6 +1,6 @@ Name: hdf Version: 4.2.9 -Release: 3%{?dist} +Release: 4%{?dist} Summary: A general purpose library and file format for storing scientific data License: BSD Group: System Environment/Libraries @@ -15,6 +15,9 @@ Patch4: hdf-4.2.7-arm.patch Patch5: hdf-declaration.patch # Patch to fix integer wrapping in test Patch6: hdf-wrap.patch +# Fix build with -Werror=format-security +# https://bugzilla.redhat.com/show_bug.cgi?id=1037120 +Patch7: hdf-format.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: flex byacc libjpeg-devel zlib-devel %if "%{?dist}" != ".el4" @@ -54,6 +57,7 @@ HDF development headers and libraries. %patch4 -p1 -b .arm %patch5 -p1 -b .declaration %patch6 -p1 -b .wrap +%patch7 -p1 -b .format chmod a-x *hdf/*/*.c hdf/*/*.h # restore include file timestamps modified by patching @@ -123,6 +127,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Sat Feb 1 2014 Orion Poplawski 4.2.9-4 +- Fix build with -Werror=format-security (bug #1037120) + * Tue Aug 13 2013 Karsten Hopp 4.2.9-3 - temporarily skip checks on ppc* (#961007)