Hi Yaroslav, Mike, TigerVNC developers,
On 06.04.2012 19:08, Mike Gabriel wrote:
> Hi Joachim,
>
> (reincluding the ITP issue...)
>
> On Fri 06 Apr 2012 18:59:47 CEST Joachim Falk wrote:
>
>> On 06.04.2012 18:38, Mike Gabriel wrote:
>>> Hi Joachim, Yaroslav,
>>>
>>> [SNIP]
>>>
>>> I have tested latest stuff in Git, please do a pull on master
>>> branch on Alioth, I have committed some build-deps.
>>>
>>> However, build fails (on squeeze _and_ sid)... See below...
>>>
>>> Any ideas?
>>
>> Yes. You have a more paranoid build environment than me, i.e.,
>> -Wformat -Wformat-security -Werror=format-security.
>> And the compiler caught a security violation. Format string is not
>> constant but some (maybe user) input.
>>
>>   } catch (rdr::Exception& e) {
>>     vlog.error(e.str());
>>     fl_alert(e.str());
>>     exit_vncviewer();
>>     return;
>>   }
>>
>> http://www.fltk.org/doc-1.3/group__group__comdlg.html
>>
>> fl_alert(e.str()); => fl_alert("%s", e.str()); <= that should work
>
> So we need some CXX flags in debian/rules? Any recommendations? The
> package should build on paranoid and non-paranoid systems, I guess.
>
> Can you provide a patch?
>
> Thanks,
> Mike
On 06.04.2012 19:17, Yaroslav Halchenko wrote:
> my 1c: CXX flags should not be overridden to filter out paranoidal flags

I concur

> (it is ok to extend with -O0 for noopt, etc) -- that would complicate
> various hardening etc ports attempts. But providing a patch for
> upstream allowing to build on such systems would be beneficial!

tigervnc-devel should suffice

Mike, Yaroslav, please do a pull on the master branch on Alioth.
(I hope) I have fixed the issue. However, the fix still needs to be
tested.

Furthermore, I have attached the fix for the benefit of tigervnc-devel.

Regards,
Joachim
--
Joachim Falk <Joachim.Falk@gmx.de>
You can always tell a really good idea by the enemies it makes.
--programmers' axiom
Index: vncviewer/Viewport.cxx
===================================================================
--- a/vncviewer/Viewport.cxx (Revision 4882)
+++ b/vncviewer/Viewport.cxx (Arbeitskopie)
@@ -950,7 +950,7 @@
case ID_INFO:
if (fltk_escape(cc->connectionInfo(), buffer, sizeof(buffer)) < sizeof(buffer)) {
fl_message_title(_("VNC connection info"));
- fl_message(buffer);
+ fl_message("%s", buffer);
}
break;
case ID_ABOUT:
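Review bot: in the ID_INFO case, buffer has already been passed through fltk_escape() before it reaches fl_message(), so it is worth checking that this escaping does not double '%' characters; with the "%s" form any doubled '%' would now be displayed literally. Separately, the dialog is still skipped without any message when the escaped text does not fit in buffer, which may deserve a log line.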
Index: vncviewer/vncviewer.cxx
===================================================================
--- a/vncviewer/vncviewer.cxx (Revision 4882)
+++ b/vncviewer/vncviewer.cxx (Arbeitskopie)
@@ -86,7 +86,7 @@
void about_vncviewer()
{
fl_message_title(_("About TigerVNC Viewer"));
- fl_message(aboutText);
+ fl_message("%s", aboutText);
}
static void about_callback(Fl_Widget *widget, void *data)
@@ -311,7 +311,7 @@
delete cc;
if (exitError != NULL)
- fl_alert(exitError);
+ fl_alert("%s", exitError);
return 0;
}
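Review bot: exitError is handed to fl_alert() immediately after `delete cc;`, so please confirm the string is not owned by the connection object; if it were, the dialog would read freed memory regardless of the format fix. If exitError is a separately owned copy, a short comment saying so at this point would help.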
Index: vncviewer/UserDialog.cxx
===================================================================
--- a/vncviewer/UserDialog.cxx (Revision 4882)
+++ b/vncviewer/UserDialog.cxx (Arbeitskopie)
@@ -156,16 +156,16 @@
switch (flags & 0xf) {
case M_OKCANCEL:
- return fl_choice(buffer, NULL, fl_ok, fl_cancel) == 1;
+ return fl_choice("%s", NULL, fl_ok, fl_cancel, buffer) == 1;
case M_YESNO:
- return fl_choice(buffer, NULL, fl_yes, fl_no) == 1;
+ return fl_choice("%s", NULL, fl_yes, fl_no, buffer) == 1;
case M_OK:
default:
if (((flags & 0xf0) == M_ICONERROR) ||
((flags & 0xf0) == M_ICONWARNING))
- fl_alert(buffer);
+ fl_alert("%s", buffer);
else
- fl_message(buffer);
+ fl_message("%s", buffer);
return true;
}
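Review bot: in both fl_choice() calls the message now comes after the three button-label arguments (`fl_choice("%s", NULL, fl_ok, fl_cancel, buffer)`), which is easy to misread as a fourth label. A one-line comment stating that the format arguments follow the labels would keep someone from "correcting" the order later. The `== 1` comparison still refers to the second label (fl_ok / fl_yes), so the return semantics are unchanged.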
Index: vncviewer/CConn.cxx
===================================================================
--- a/vncviewer/CConn.cxx (Revision 4882)
+++ b/vncviewer/CConn.cxx (Arbeitskopie)
@@ -100,7 +100,7 @@
vlog.info(_("connected to host %s port %d"), serverHost, serverPort);
} catch (rdr::Exception& e) {
vlog.error(e.str());
- fl_alert(e.str());
+ fl_alert("%s", e.str());
exit_vncviewer();
return;
}
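Review bot: the line directly above the changed call, `vlog.error(e.str());`, still passes the exception text as the format string, and vlog.info() two lines earlier is used printf-style, so the logger has the same exposure as the dialog. Suggest `vlog.error("%s", e.str());` in the same catch block so the log path and the dialog path are fixed together.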
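The format-string point from the quoted discussion above, as an added example (not code from this mail, TigerVNC or FLTK). show_alert and show_choice are hypothetical stand-ins shaped like fl_alert and fl_choice, and kSample is constructed run-time text.

```cpp
#include <cstdarg>
#include <cstdio>
#include <string>

// Hypothetical stand-ins shaped like fl_alert(fmt, ...) and
// fl_choice(fmt, b0, b1, b2, ...); they return the text a dialog would show.
// The format attribute lets GCC/Clang check callers (-Wformat-security).
__attribute__((format(printf, 1, 2))) std::string show_alert(const char *fmt, ...);
__attribute__((format(printf, 1, 5))) std::string show_choice(
    const char *fmt, const char *b0, const char *b1, const char *b2, ...);

static std::string vformat(const char *fmt, va_list ap) {
    char out[256];
    vsnprintf(out, sizeof(out), fmt, ap);  // always NUL-terminates, may truncate
    return out;
}
std::string show_alert(const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    std::string s = vformat(fmt, ap);
    va_end(ap);
    return s;
}
std::string show_choice(const char *fmt, const char *, const char *,
                        const char *b2, ...) {
    va_list ap;
    va_start(ap, b2);  // format arguments start after the third button label
    std::string s = vformat(fmt, ap);
    va_end(ap);
    return s;
}

// Constructed sample of run-time text, e.g. an exception message.
const char kSample[] = "transfer stopped at 50%% of quota";

std::string before_fix(const char *msg) {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"  // silenced for the demo only
    return show_alert(msg);  // msg is parsed as a format: "%%" collapses to "%"
#pragma GCC diagnostic pop
}
std::string after_fix(const char *msg) { return show_alert("%s", msg); }
std::string choice_after_fix(const char *msg) {
    return show_choice("%s", nullptr, "OK", "Cancel", msg);
}
int main() {
    printf("before: %s\nafter:  %s\nchoice: %s\n", before_fix(kSample).c_str(),
           after_fix(kSample).c_str(), choice_after_fix(kSample).c_str());
}
```

Without the pragma, building this with -Wformat -Wformat-security -Werror=format-security rejects the call in before_fix and accepts the two "%s" forms.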