forwarded 661536 https://rt.cpan.org/Public/Bug/Display.html?id=75642
severity 661536 grave
tag 661536 security patch
found 661536 2.17.1-2
thanks

On Mon, Feb 27, 2012 at 09:31:31PM +0000, Dominic Hargreaves wrote:
> Source: libdbd-pg-perl
> Severity: normal
> Version: 2.18.1-1
> 
> With hardening flags enabled, this package FTBFS:
> 
> dbdimp.c: In function 'pg_warn':
> dbdimp.c:331:4: error: format not a string literal and no format arguments 
> [-Werror=format-security]
> dbdimp.c: In function 'pg_st_prepare':
> dbdimp.c:1534:4: error: format not a string literal and no format arguments 
> [-Werror=format-security]
> cc1: some warnings being treated as errors

These format strings can be injected by a malicious server,
so raising the severity. A DSA will be issued for squeeze.

I've just notified upstream via the RT ticket. Could somebody from the
pkg-perl team (I believe Dominic already volunteered) please prepare
updated packages (built with -sa for stable-security as this is new
there)?  Trivial patch attached.
-- 
Niko Tyni   nt...@debian.org
From f014710c05e4952385c8223a47bb1fcb7b48b51a Mon Sep 17 00:00:00 2001
From: Niko Tyni <nt...@debian.org>
Date: Sat, 3 Mar 2012 21:50:32 +0200
Subject: [PATCH] Explicitly warn and croak with controlled format strings

This fixes builds with 'gcc -Werror=format-security'.
---
 dbdimp.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dbdimp.c b/dbdimp.c
index c298e85..7032f79 100644
--- a/dbdimp.c
+++ b/dbdimp.c
@@ -328,7 +328,7 @@ static void pg_warn (void * arg, const char * message)
 						DBIc_is(imp_dbh, DBIcf_PrintWarn) ? 1 : 0);
 
 		if (DBIc_WARN(imp_dbh) && DBIc_is(imp_dbh, DBIcf_PrintWarn))
-			warn(message);
+			warn("%s", message);
 
 		if (TEND) TRC(DBILOGFP, "%sEnd pg_warn\n", THEADER);
 	}
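Review bot: The change at `warn("%s", message)` is the right fix, since `message` arrives through the libpq notice callback (`pg_warn (void * arg, const char * message)`) and is therefore text chosen by the server, not by the driver; passing it as the format argument lets any `%` directives in a NOTICE be interpreted by Perl's `warn`. One follow-up worth doing while here: `-Werror=format-security` only flags format calls that have no further arguments, so a call of the form `warn(message, x)` elsewhere in dbdimp.c would still compile cleanly with the same problem, and a quick grep for `warn(` and `croak(` with a non-literal first argument would confirm these two sites are the only ones.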
@@ -1531,7 +1531,7 @@ int dbd_st_prepare (SV * sth, imp_sth_t * imp_sth, char * statement, SV * attrib
 
 		if (pg_st_prepare_statement(aTHX_ sth, imp_sth)!=0) {
 			TRACE_PQERRORMESSAGE;
-			croak (PQerrorMessage(imp_dbh->conn));
+			croak ("%s", PQerrorMessage(imp_dbh->conn));
 		}
 	}
 
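Review bot: Same pattern as the first hunk, and correct: `PQerrorMessage(imp_dbh->conn)` returns the server's error text, which can legitimately contain `%` (for example in a quoted literal echoed back in a syntax error), so `croak ("%s", ...)` is needed both to stop a hostile server from injecting directives and to keep benign messages from being mangled. The commit message currently only says it "fixes builds with 'gcc -Werror=format-security'"; since the covering mail raises the bug to grave as a server-triggerable format-string issue, stating that rationale in the commit message would make the security motivation visible to anyone reading the log later.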
-- 
1.7.9.1
