Debian Bug report logs - #643458
planner: FTBFS: mrp-storage-module-factory.c:93:3: error: format not a string literal and no format arguments [-Werror=format-security]

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Didier Raboud <odyx@debian.org>

To: submit@bugs.debian.org

Subject: planner: FTBFS: mrp-storage-module-factory.c:93:3: error: format not a string literal and no format arguments [-Werror=format-security]

Date: Tue, 27 Sep 2011 14:36:25 +0200

Source: planner
Version: 0.14.4-4
Severity: serious
Tags: wheezy sid
User: debian-qa@lists.debian.org
Usertags: qa-ftbfs-20110923 qa-ftbfs hardening-format-security hardening
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part:
> /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../libplanner -I.. -I../libplanner -pthread -DORBIT2=1 -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2 -I/usr/include/gnome-vfs-2.0 -I/usr/lib/gnome-vfs-2.0/include -I/usr/include/gconf/2 -I/usr/include/orbit-2.0    -DSTORAGEMODULEDIR=\""/usr/lib/planner/storage-modules"\" -DFILEMODULESDIR=\""/usr/lib/planner/file-modules"\" -DPLUGINDIR=\""/usr/lib/planner/plugins"\" -DDATADIR=\""/usr/share/planner"\"    -g -O2 -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wall -c -o mrp-storage-module-factory.lo mrp-storage-module-factory.c
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../libplanner -I.. -I../libplanner -pthread -DORBIT2=1 -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2 -I/usr/include/gnome-vfs-2.0 -I/usr/lib/gnome-vfs-2.0/include -I/usr/include/gconf/2 -I/usr/include/orbit-2.0 -DSTORAGEMODULEDIR=\"/usr/lib/planner/storage-modules\" -DFILEMODULESDIR=\"/usr/lib/planner/file-modules\" -DPLUGINDIR=\"/usr/lib/planner/plugins\" -DDATADIR=\"/usr/share/planner\" -g -O2 -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wall -c mrp-storage-module-factory.c  -fPIC -DPIC -o .libs/mrp-storage-module-factory.o
> mrp-storage-module-factory.c: In function 'storage_module_factory_load':
> mrp-storage-module-factory.c:93:3: error: format not a string literal and no format arguments [-Werror=format-security]
> mrp-storage-module-factory.c:101:3: error: format not a string literal and no format arguments [-Werror=format-security]
> cc1: some warnings being treated as errors
> 
> make[3]: *** [mrp-storage-module-factory.lo] Error 1

The full build log is available from:
   http://people.debian.org/~lucas/logs/2011/09/23/planner_0.14.4-4_lsid64.buildlog

This happened because since dpkg 1.16.0 [0], hardening flags are enabled 
under various conditions.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot.  Internet was not
accessible from the build systems.

Message #12 received at 643458@bugs.debian.org (full text, mbox, reply):

From: Frederic Peters <fpeters@debian.org>

To: 643458@bugs.debian.org

Subject: patch

Date: Sat, 1 Oct 2011 15:10:47 +0200

[Message part 1 (text/plain, inline)]

This bug has been fixed upstream in e1c5e8b8d14; attached is a patch
suitable for quilt.


Regards,

        Fred

[10_fix_format_string_literal (text/plain, attachment)]

Message #19 received at 643458@bugs.debian.org (full text, mbox, reply):

From: Jonas Meyer <quitte@gmail.com>

To: Debian Bug Tracking System <643458@bugs.debian.org>

Subject: planner: builds fine after a version bump to 0.14.5

Date: Fri, 14 Oct 2011 12:44:28 +0200

Package: planner
Followup-For: Bug #643458

Dear maintainer,
bumping the version to 0.14.5 builds fine with the debian directory of
0.14.4-4

regards, Jonas


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages planner depends on:
ii  gconf2                        2.32.4-1     
ii  libart-2.0-2                  2.3.21-1     
ii  libatk1.0-0                   2.2.0-2      
ii  libbonobo2-0                  2.24.3-1     
ii  libbonoboui2-0                2.24.3-1     
ii  libc6                         2.13-21      
ii  libcairo2                     1.10.2-6.1   
ii  libfontconfig1                2.8.0-3      
ii  libfreetype6                  2.4.6-2      
ii  libgconf2-4                   2.32.4-1     
ii  libgdk-pixbuf2.0-0            2.24.0-1     
ii  libglade2-0                   1:2.6.4-1    
ii  libglib2.0-0                  2.28.6-3     
ii  libgnome2-0                   2.32.1-2     
ii  libgnomecanvas2-0             2.30.3-1     
ii  libgnomeui-0                  2.24.5-2     
ii  libgnomevfs2-0                1:2.24.4-1   
ii  libgtk2.0-0                   2.24.6-2     
ii  libice6                       2:1.0.7-2    
ii  liborbit2                     1:2.14.18-0.2
ii  libpango1.0-0                 1.29.4-1     
ii  libpopt0                      1.16-1       
ii  libpython2.7                  2.7.2-7      
ii  libsm6                        2:1.2.0-2    
ii  libxml2                       2.7.8.dfsg-5 
ii  libxslt1.1                    1.1.26-8     
ii  python                        2.7.2-9      
ii  python-support                1.0.14       
ii  rarian-compat [scrollkeeper]  0.8.1-5      
ii  shared-mime-info              0.90-1       

planner recommends no packages.

planner suggests no packages.

-- no debconf information

Message #24 received at 643458@bugs.debian.org (full text, mbox, reply):

From: Josue Abarca <jmaslibre@debian.org.gt>

To: 643458@bugs.debian.org

Cc: control@bugs.debian.org

Subject: pending

Date: Fri, 4 Nov 2011 11:36:15 -0600

tags 643458 + fixed
thanks

Hello, Wences Arana and I are working to adopt this package.

Thanks for the report and for the patch. The new upstream release
fixed this bug.

Here is our git repository in collab-maint:
http://anonscm.debian.org/gitweb/?p=collab-maint/planner.git;a=summary

and here is our TODO list:
http://wiki.debian.org/Teams/pkg-planner

Cheers.

-- 
Josué M. Abarca S.
Vos mereces Software Libre.
PGP key 4096R/70D8FB2A 2009-06-17
Huella de clave = B3ED 4984 F65A 9AE0 6511  DAF4 756B EB4B 70D8 FB2A

Message #31 received at 643458@bugs.debian.org (full text, mbox, reply):

From: Josue Abarca <jmaslibre@debian.org.gt>

To: 643458@bugs.debian.org, 644679@bugs.debian.org

Cc: 558617@bugs.debian.org, 635483@bugs.debian.org, 632993@debian.org

Subject: We need a sponsor

Date: Mon, 21 Nov 2011 12:19:25 -0600

Those bugs are fixed in the last version of the package, but we need a
sponsor[0].

[0] http://lists.debian.org/debian-mentors/2011/11/msg00424.html
-- 
Josué M. Abarca S.

Message #40 received at 643458-close@bugs.debian.org (full text, mbox, reply):

From: Wences Arana <aranax@debian.org.gt>

To: 643458-close@bugs.debian.org

Subject: Bug#643458: fixed in planner 0.14.5-1

Date: Sat, 31 Dec 2011 16:03:59 +0000

Source: planner
Source-Version: 0.14.5-1

We believe that the bug you reported is fixed in the latest version of
planner, which is due to be installed in the Debian FTP archive:

planner-data_0.14.5-1_all.deb
  to main/p/planner/planner-data_0.14.5-1_all.deb
planner-dev_0.14.5-1_amd64.deb
  to main/p/planner/planner-dev_0.14.5-1_amd64.deb
planner-doc_0.14.5-1_all.deb
  to main/p/planner/planner-doc_0.14.5-1_all.deb
planner_0.14.5-1.debian.tar.gz
  to main/p/planner/planner_0.14.5-1.debian.tar.gz
planner_0.14.5-1.dsc
  to main/p/planner/planner_0.14.5-1.dsc
planner_0.14.5-1_amd64.deb
  to main/p/planner/planner_0.14.5-1_amd64.deb
planner_0.14.5.orig.tar.xz
  to main/p/planner/planner_0.14.5.orig.tar.xz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 643458@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Wences Arana <aranax@debian.org.gt> (supplier of updated planner package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 23 Jul 2011 16:21:36 -0600
Source: planner
Binary: planner planner-dev planner-doc planner-data
Architecture: source amd64 all
Version: 0.14.5-1
Distribution: unstable
Urgency: low
Maintainer: Wences Arana <aranax@debian.org.gt>
Changed-By: Wences Arana <aranax@debian.org.gt>
Description: 
 planner    - project management application
 planner-data - Data files for planner
 planner-dev - Planner development library
 planner-doc - Documentation for planner
Closes: 558617 632993 635483 643458 644679
Changes: 
 planner (0.14.5-1) unstable; urgency=low
 .
   * New upstream release (Closes: #635483)
     + Fixes FTBFS -format not a string literal and no format arguments-
       (Closes: #643458)
   * New maintainers, thanks to Xavier Oswald for his previous work.
     (Closes: #632993)
   * debian/rules
     + The package is using debhelper 8 now
     + Use gtk-doc to build documentation
     + "--with autoreconf" added (Closes: #558617)
   * debian/control
     - cdbs removed from Build-Depends
     - libgnomevfs2-dev removed from Build-Depends because it is not needed
       anymore (Thanks to Didier Roche for the tip).
     - dpkg-dev removed from Build-Depends, because it is not needed
       anymore, since Etch (to have a binNMU safe package).
     + debhelper added to Build-Depends
     + Standards-Version updated to 3.9.2 (no changes needed)
     + Private library/plugins excluded in the call to dh_makeshlibs
     + Minor improvements to the description of planner and planner-dev
     + Package split into planner, planner-data and planner-doc (plus the
       previous binary package planner-dev)
     + VCS fields added
     + Added X-Python-Version field (and rebuild with python 2.7 as the
       python default) (Closes: #644679)
     + libgtk2.0-dev's version updated to >= 2.14.0 in Build-Depends (see the
       upstream's README)
   * Use dh_python2 instead of python-support
     - debian/pyversions and debian/pycompat dropped
     - debian/rules python-support removed from Build-Depends and from
       Depends of the -dev package
     - debian/control python-dev version bumped to 2.6.6-3~
   * debian-changes-0.14.4-3 dropped because it was created due to the
     presence of the auto-generated file config.status.lineno
   * dependant_typo.diff patch added in order to fix a typo
   * debian/copyright
     + The file was rewritten in order to use DEP-5.
     + The copyright multiple files was added.
     + The FSF address was updated (bug known upstream as #664112)
   * libplanner-1.so* files moved to /usr/lib/planner/ in order to comply
     with the Debian Debian Policy 10.2 which states that not public
     libraries should be installed in subdirectories of /usr/lib
     + debian/rules --libdir parameter added to the call to dh_auto_configure.
     + plugins_directory.diff patch added in order to keep the *-modules and
       plugins directories in the right place (due to the use of "--libdir").
     + debian/control dh-autoreconf added to the Build-Depends field.
   * Lintian override for package-name-doesnt-match-sonames dropped
     - debian/planner.dirs dropped because this was here in order to install
       the override
   * AUTHORS and README files dropped because the information is already
     available in the package.
   * command_line_args.diff patch added in order to make planner able to
     read files from command line again.
 .
   [Dmitry Smirnov] <onlyjob@member.fsf.org>
   * including examples (*.planner files)
   * debian/control
     - removed unused build-dep: autotools-dev
     + tighter build-deps on python-gtk2-dev (>= 2.24)
     + tighter build-deps on intltool (>= 0.41.1-3) due to bug #560704
   * debian/rules to use dpkg-provided build flags
Checksums-Sha1: 
 d8d67e98a3aa3dd72de079f25a2ca0d19613313a 2485 planner_0.14.5-1.dsc
 1006d8da7481fef905a2cdbd332c65fcab29ffab 3385520 planner_0.14.5.orig.tar.xz
 7d4de1a0157821e898e8b0009b2f06a8e99c165f 16694 planner_0.14.5-1.debian.tar.gz
 66b0b510a5a2ec747cfbac2f6b91d6ba1fba978a 489972 planner_0.14.5-1_amd64.deb
 836f5ef4fa78914499af1c9e6bc88b1bafb5cdf6 114038 planner-dev_0.14.5-1_amd64.deb
 d074cf4af707fec8a74d6c9a1d5f3c8566f2cbf0 2822434 planner-doc_0.14.5-1_all.deb
 7c2c999238cd5bb72173ded8e0db49bfcf973ff9 907062 planner-data_0.14.5-1_all.deb
Checksums-Sha256: 
 c69f2ea33a32081a2ef3a0e0ed6186ba4dd7d1a811d8dcc84916d7100a4d2bca 2485 planner_0.14.5-1.dsc
 6289b12cf7ecad00900ff09c76214196436cf32e8bdd71defd207a32b3af54ce 3385520 planner_0.14.5.orig.tar.xz
 c5f84f7fc35c57050d4e3bd22f49ea74c3cb17aff40a562757311d1bb5ff2ecd 16694 planner_0.14.5-1.debian.tar.gz
 56293be894ab2b2a3a186b68c0cd0b3bca1011d906a60fac2b8b547a0011a587 489972 planner_0.14.5-1_amd64.deb
 085f5791294ceb6b6793db7511c7f7141211a99e5e036596aa1bee5afea766eb 114038 planner-dev_0.14.5-1_amd64.deb
 880ad4d2c3e74bec46adeb407097e15fd124580a15c3f0c2b31ec6c30ba6fe3d 2822434 planner-doc_0.14.5-1_all.deb
 2be2f5766750582f64847786c000a043aa562dc609ad8bf4d26dd1e6ccd0a12d 907062 planner-data_0.14.5-1_all.deb
Files: 
 6c96e614bf9f2e050fda5efd68f7c42a 2485 gnome optional planner_0.14.5-1.dsc
 496a1ab38b273acbc082dc015293fe0b 3385520 gnome optional planner_0.14.5.orig.tar.xz
 77e6cc85a59fe33f44a2904fa24651fc 16694 gnome optional planner_0.14.5-1.debian.tar.gz
 01de8fd581acf1a807e8662e7ccd1d41 489972 gnome optional planner_0.14.5-1_amd64.deb
 3b1d96376ae222995f4dfded1d429aa4 114038 libdevel optional planner-dev_0.14.5-1_amd64.deb
 215f52f0b19882864a6b0459c44cdd95 2822434 doc optional planner-doc_0.14.5-1_all.deb
 53f2cda934132f6582caa27ba6443bde 907062 gnome optional planner-data_0.14.5-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJO/h4GAAoJENu+nU2Z0qAEnnEP/39hw8ABVo/ynUk832Qw0DUU
HVPFhJpkYI7DaQqBkqwCAHyyjaCuTUGoQQOwKPjoqNkSS4LpcBpxlTRzKF4oaUSJ
JQ6AUoRjK32tb5QLzJx4/mT1CoZ9G+HjytStK3qS1aYItmTSRxYrN49qwqbBVQx/
i+C1M9VN3HhqGzfuWCL6zp0sNRKUVfZUaK42hJMbum7nUAlIjn5+34Z50rRqSQE0
T2zgzonoYnCahIf8IUKeoXrt+bynBQgaicej21tDWHI5NS5+NbUNHxxa0d41Ce02
54DlxEAS6lYQiOi9vDWizIXnX7l/zBvh9WrwYNH8cAaUPCqSaK0UjBtgwRJ8f6Nc
c+CVBLiGS2gYRoxzQubpGLq1RQsCnmYgQfIaZb6wVzkZ4ffb2KT0mwb8mdDpfXi9
g03jzgGAPVxbfKPhpaoYwdp/8m2AnwVhU/jsWGYMwVGj5n7jMEHr+YKktrjt/cl6
BUq8ArEe4KZj3oDRXbfxatvXl02sdjLm6W27O2MAt1K3V+LfxdLaYWzzpTD6Grc2
gPsysdIds/yVnozsJSpq8iOn2lQdPY8hIC9lGkZ8AkPC2E43soeGj08cJqaceeAE
DvkbP3rk/+bjrNi3brUlwP0aPQ/Fy63kjornWRkeN/bSkfUjOEX+77GS3MD4720c
aKCSHcRlEnDpSuLls5B6
=eM3b
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.