Bug#670993: busybox: Please use dpkg-buildflags for hardening support
02.05.2012 16:39, Bastian Blank пишет:
> On Mon, Apr 30, 2012 at 11:00:38PM -0700, Steve Langasek wrote:
>> On Tue, May 01, 2012 at 09:53:14AM +0400, Michael Tokarev wrote:
>>> Why do you filter this -W option?
>> Well, it causes a build failure if you don't. ;) I inherited this from the
>> previous Ubuntu changes, so I haven't fully reviewed the reason for this
>> change but I believe they're all in the category of things that are safe but
>> that gcc can't prove are safe.
>
> Is there a patch forwarded to busybox upstream to fix the problems?
That's the constructs like this:
bb_error_msg_and_die(bb_msg_memory_exhausted);
where bb_msg_memory_exhausted is declared as extern char *.
This is a poor-man implementation of internal constant
string folding done by gcc for years.
archival/libarchive/data_extract_to_command.c: In function ‘xputenv’:
archival/libarchive/data_extract_to_command.c:41:3: error: format not a string literal and no format arguments [-Werror=format-security]
cc1: some warnings being treated as errors
I'm not sure a patch for this should be sent to upstream,
unless it will patch out all this stuff to rely on gcc
to do the work. But even there, it wont save from using
slightly different wording for the same message...
So I'm filtering out this -Werror=format-security indeed.
Thanks,
/mjt
Reply to: