Bug#643352: arpalert: FTBFS: ./log.c:122:3: error: format not a string literal and no format arguments [-Werror=format-security]

To: submit@bugs.debian.org
Subject: Bug#643352: arpalert: FTBFS: ./log.c:122:3: error: format not a string literal and no format arguments [-Werror=format-security]
From: Didier Raboud <odyx@debian.org>
Date: Tue, 27 Sep 2011 14:22:03 +0200
Message-id: <[🔎] 20110927122203.GA18557@Tamino>
Reply-to: Didier Raboud <odyx@debian.org>, 643352@bugs.debian.org

Source: arpalert
Version: 2.0.11-7
Severity: serious
Tags: wheezy sid
User: debian-qa@lists.debian.org
Usertags: qa-ftbfs-20110923 qa-ftbfs hardening-format-security hardening
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part:
> x86_64-linux-gnu-gcc  -g -O2 -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wall -DCONFIG_FILE=\"/etc/arpalert/arpalert.conf\" -DPID_FILE=\"/var/run/arpalert.pid\" -c -o sens_timeouts.o ./sens_timeouts.c
> ./loadconfig.c: In function 'convert_octal':
> ./loadconfig.c:608:6: warning: variable 'i' set but not used [-Wunused-but-set-variable]
> ./loadmodule.c: In function 'alerte_mod':
> ./loadmodule.c:140:12: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
> ./log.c: In function 'logmsg':
> ./log.c:122:3: error: format not a string literal and no format arguments [-Werror=format-security]
> ./sens_timeouts.c: In function 'sens_timeout_add':
> ./sens_timeouts.c:131:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
> ./sens_timeouts.c: In function 'sens_timeout_exist':
> ./sens_timeouts.c:153:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
> ./loadconfig.c: In function 'set_option':
> ./loadconfig.c:813:33: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> cc1: some warnings being treated as errors
> 
> make[1]: *** [log.o] Error 1

The full build log is available from:
   http://people.debian.org/~lucas/logs/2011/09/23/arpalert_2.0.11-7_lsid64.buildlog

This happened because since dpkg 1.16.0 [0], hardening flags are enabled 
under various conditions.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot.  Internet was not
accessible from the build systems.

Reply to:

Follow-Ups:
- Bug#643352: marked as done (arpalert: FTBFS: ./log.c:122:3: error: format not a string literal and no format arguments [-Werror=format-security])
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#643345: aee: FTBFS: aee.c:2496:3: error: format not a string literal and no format arguments [-Werror=format-security]
Next by Date: Bug#643390: glabels: FTBFS: plessey.c:151:9: error: format not a string literal and no format arguments [-Werror=format-security]
Previous by thread: Bug#643345: marked as done (aee: FTBFS: aee.c:2496:3: error: format not a string literal and no format arguments [-Werror=format-security])
Next by thread: Bug#643352: marked as done (arpalert: FTBFS: ./log.c:122:3: error: format not a string literal and no format arguments [-Werror=format-security])
Index(es):
- Date
- Thread