Re: osmcoastline lintian override

To: debian-gis@lists.debian.org
Subject: Re: osmcoastline lintian override
From: "Sebastiaan Couwenberg" <sebastic@xs4all.nl>
Date: Wed, 1 Apr 2015 10:18:49 +0200
Message-id: <[🔎] 5b80b6aa85a980d4ffe76f0a5babdc61.squirrel@webmail.xs4all.nl>
In-reply-to: <[🔎] 20150401080239.GB15077@utopia.topf.org>
References: <[🔎] 20150401080239.GB15077@utopia.topf.org>

> The 'osmcoastline' package contains a file
> ./usr/share/lintian/overrides/osmcoastline with this:
>
> # Build uses -D_FORTIFY_SOURCE=2, but hardening-check reports:
> #  Fortify Source functions: no, only unprotected functions found!
> #         unprotected: memset
> #         unprotected: vsnprintf
> #         unprotected: memmove
> #         unprotected: read
> #         unprotected: memcpy
> osmcoastline: hardening-no-fortify-functions usr/bin/osmcoastline_filter
> osmcoastline: hardening-no-fortify-functions usr/bin/osmcoastline_ways
>
> Is this something to be concerned about?

No, that's why there is an override.

The compiler optimizations tend to cause these unprotected functions even
when -D_FORTIFY_SOURCE=2 is used.

The lintian issue is a trigger to check if the hardening buildflag is
used, because it happens often that only CFLAGS are used by the build
system so you need to append CPPFLAGS to CFLAGS or patch the buildsystem
to also have -D_FORTIFY_SOURCE=2 used.

Kind Regards,

Bas

Reply to:

References:
- osmcoastline lintian override
  - From: Jochen Topf <jochen@remote.org>

Prev by Date: Re: New releases libosmium, osmium-tool, osmcoastline
Next by Date: generating debian/control while building source package
Previous by thread: osmcoastline lintian override
Next by thread: Re: New releases libosmium, osmium-tool, osmcoastline
Index(es):
- Date
- Thread