Hmm, forgot to reply to the initial mail...
On Tue, 2010-08-31 at 23:59:58 +0200, Raphael Hertzog wrote:
> On Mon, 23 Aug 2010, Sandro Cazzaniga wrote:
> > I've packaged dpkg-22.214.171.124 and I send you new patch (that fix string
> > format error).
> What is the precise error that you saw?
These should be coming from building with -Wformat-security. So I'm
guessing no actual error has been seen.
> > for (fs = a->choices; fs; fs = fs->next)
> > - pr(fs->master_file);
> > + pr(fs->master_file, "%s");
> pr("%s", fs->master_file)
> would at least make sense, but the opposite is really wrong.
Well yes, it's wrong, but it should just end up being a no-op, except
for shutting up the warnings. The correct change though, will fix a
potential segfault, in case master_file ends up containing a format
specifier. This is also a common source of security bugs, not in this
case though, it would just prevent u-a from working on --list.
I've pushed the fix for this.
> Same goes for the other occurences AFAIK (did not check in detail).
The two other instances are currently fine (even if not really good
form), as the input is under the programmer's control. I've improved
the ar.c one, mostly by adding a more meaningful message, and will merge
a refactoring branch for the file.c which gets rid of the variable
format strings once we open 1.16.x for development.