Bug#997169: tlf: FTBFS: audio.c:50:9: error: format not a string literal and no format arguments [-Werror=format-security]
Source: tlf
Version: 1.4.1-3
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
Hi,
During a rebuild of all packages in sid, your package failed to build
on amd64.
Relevant part (hopefully):
> gcc -DHAVE_CONFIG_H -I. -I.. -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -DPACKAGE_DATA_DIR=\"/usr/share/tlf\" -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -pthread -pthread -I/usr/include/libusb-1.0 -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -c -o background_process.o background_process.c
> audio.c: In function ‘recordmenue’:
> audio.c:50:9: error: format not a string literal and no format arguments [-Werror=format-security]
> 50 | mvprintw(j, 0, backgrnd_str);
> | ^~~~~~~~
> audio.c: In function ‘do_record’:
> audio.c:73:22: warning: zero-length gnu_printf format string [-Wformat-zero-length]
> 73 | mvprintw(17, 20, "");
> | ^~
> audio.c: In function ‘record’:
> audio.c:206:33: warning: zero-length gnu_printf format string [-Wformat-zero-length]
> 206 | mvprintw(4, 10, "");
> | ^~
> audio.c:251:34: warning: zero-length gnu_printf format string [-Wformat-zero-length]
> 251 | mvprintw(18, 20, "");
> | ^~
> addmult.c: In function ‘init_and_load_multipliers’:
> addmult.c:343:44: warning: ‘__builtin___sprintf_chk’ may write a terminating nul past the end of the destination [-Wformat-overflow=]
> 343 | sprintf(mults_location, "%s%s%s", PACKAGE_DATA_DIR, "/", multsfile);
> | ^
> In file included from /usr/include/stdio.h:866,
> from addmult.c:27:
> /usr/include/x86_64-linux-gnu/bits/stdio2.h:38:10: note: ‘__builtin___sprintf_chk’ output between 16 and 513 bytes into a destination of size 512
> 38 | return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 39 | __bos (__s), __fmt, __va_arg_pack ());
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> autocq.c: In function ‘auto_cq’:
> autocq.c:75:26: warning: zero-length gnu_printf format string [-Wformat-zero-length]
> 75 | mvprintw(12, 29, "");
> | ^~
> autocq.c:107:9: error: format not a string literal and no format arguments [-Werror=format-security]
> 107 | mvprintw(12, 29, spaces(13));
> | ^~~~~~~~
> autocq.c:108:26: warning: zero-length gnu_printf format string [-Wformat-zero-length]
> 108 | mvprintw(12, 29, "");
> | ^~
> autocq.c:119:5: error: format not a string literal and no format arguments [-Werror=format-security]
> 119 | mvprintw(12, 29, spaces(13));
> | ^~~~~~~~
> gcc -DHAVE_CONFIG_H -I. -I.. -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -DPACKAGE_DATA_DIR=\"/usr/share/tlf\" -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -pthread -pthread -I/usr/include/libusb-1.0 -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -c -o bandmap.o bandmap.c
> cc1: some warnings being treated as errors
> cc1: some warnings being treated as errors
> make[3]: *** [Makefile:652: audio.o] Error 1
The full build log is available from:
http://qa-logs.debian.net/2021/10/23/tlf_1.4.1-3_unstable.log
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
If you reassign this bug to another package, please marking it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects
If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
Reply to: