compat 8 vs compat 9

Sebastian Ramacher sramacher at debian.org
Mon Aug 19 00:35:37 UTC 2013


On 2013-08-19 02:07:44, Jaromír Mikeš wrote:
> 2013/8/19 Sebastian Ramacher <sramacher at debian.org>
> 
> > On 2013-08-19 01:08:56, Jaromír Mikeš wrote:
> > > I have two packages (jack-capture and yoshimi) which have FTBS with
> > > compat 9.
> > > What is the difference between compat 8 and 9?
> >
> > The changes between the compat levels are listed in debhelper(7). Just
> > search for COMPATIBILITY LEVELS.
> >
> > What are the errors you're getting with compat level 9?
> >

So that's

 "All of the dh_auto_* debhelper programs and dh set environment
 variables listed by dpkg-buildflags, unless they are already set."

and hardening kicking in. In general this should be fixed. For this
particular error, there is a bit of information available in the wiki:
https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_FORMAT_.28gcc.2Fg.2B-.2B-_-Wformat_-Wformat-security_-Werror.3Dformat-security.29

Both errors look like they are easy to fix. They are both of the pattern
printf(foo) where printf("%s", foo); should have been used instead.

> Here is yoshimi build:
> 
> /tmp/buildd/yoshimi-1.1.0/obj-
> x86_64-linux-gnu/MasterUI.cxx: In member function 'void
> MasterUI::do_load_master(bool, const char*)':
> /tmp/buildd/yoshimi-1.1.0/obj-x86_64-linux-gnu/MasterUI.cxx:1121:39: error:
> format not a string literal and no format arguments
> [-Werror=format-security]
> /tmp/buildd/yoshimi-1.1.0/obj-x86_64-linux-gnu/MasterUI.cxx:1124:39: error:
> format not a string literal and no format arguments
> [-Werror=format-security]
> cc1plus: some warnings being treated as errors
> make[3]: *** [CMakeFiles/yoshimi.dir/MasterUI.cxx.o] Error 1

This can be fixed by using fl_alert("%s", msg.c_str()); instead.

> Here jack-capture:
> 
> gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
> -Werror=format-security -O2 -DVERSION=\"0.9.71\" -Wall -Wextra -Wno-unused
> jack_capture.c vringbuffer.c upwaker.c osc.c -o jack_capture -Wl,-z,relro
> -ljack -lsndfile -lm -lpthread -lrt `cat config_flags`
> jack_capture.c: In function 'autoincrease_callback':
> jack_capture.c:336:49: warning: unused parameter 'vrb' [-Wunused-parameter]
>  static int autoincrease_callback(
> vringbuffer_t *vrb, bool first_call, int reading_size, int writing_size){
>                                                  ^
> jack_capture.c:336:75: warning: unused parameter 'reading_size'
> [-Wunused-parameter]
>  static int autoincrease_callback(vringbuffer_t *vrb, bool first_call, int
> reading_size, int writing_size){
>                                                                            ^
> jack_capture.c: In function 'print_console':
> jack_capture.c:663:9: error: format not a string literal and no format
> arguments [-Werror=format-security]
>          printf(vol);
>          ^
> jack_capture.c:671:9: error: format not a string literal and no format

Here printf("%s", vol); should be enough.

Hope that helps
-- 
Sebastian Ramacher
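
Added example, not part of the original message or of either package's code: the pattern that -Werror=format-security rejects beside the "%s" fix suggested above, for a printf-style wrapper. alert_to() is a hypothetical stand-in for a function such as fl_alert(), and the sample message is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style wrapper (stand-in for fl_alert() and friends).
 * The format attribute makes gcc check its callers like printf() callers. */
__attribute__((format(printf, 3, 4)))
static int alert_to(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Rejected pattern: the message itself is used as the format string, so any
 * '%' in it is parsed as a directive. The diagnostic is silenced here only
 * so that both forms can be compiled and compared side by side. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
static int alert_flagged(char *out, size_t outlen, const char *msg)
{
    return alert_to(out, outlen, msg);
}
#pragma GCC diagnostic pop

/* Fixed pattern: constant format string, message passed as plain data. */
static int alert_fixed(char *out, size_t outlen, const char *msg)
{
    return alert_to(out, outlen, "%s", msg);
}

int main(void)
{
    /* Constructed sample: "%%" is its only directive, so both calls are
     * well defined and the difference in interpretation stays visible. */
    const char *msg = "load 100%% complete";
    char a[64], b[64];
    alert_flagged(a, sizeof a, msg);
    alert_fixed(b, sizeof b, msg);
    printf("flagged: %s\nfixed:   %s\n", a, b);
    return 0;
}
```

With the fixed form the message is reproduced byte for byte; with the flagged form its content decides how the variadic arguments are read.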