On Thu, Dec 01, 2011, Colin Watson wrote: > IMO a better fix for this part would be to fix the IfTrace0 macro > directly. That way we don't have to play whack-a-mole with any other > users that may be added later.
It's a good idea; I actually thought of converting the whole series into a variadic macro, but it would have been too large a diff. Attaching a new debdiff with this change Thanks, -- Loïc Minier
diff -u t1lib-5.1.2/debian/changelog t1lib-5.1.2/debian/changelog --- t1lib-5.1.2/debian/changelog +++ t1lib-5.1.2/debian/changelog @@ -1,3 +1,18 @@ +t1lib (5.1.2-3ubuntu2) precise; urgency=low + + * Update patch "format-security" with suggestion from Colin Watson to + replace printf() with puts() for the model-only IfTrace0 macro. + + -- Loïc Minier <loic.min...@ubuntu.com> Thu, 01 Dec 2011 23:24:27 +0100 + +t1lib (5.1.2-3ubuntu1) precise; urgency=low + + * New "format-security" patch, fixes FTBFS with -Werror=format-security by + using relevant "%s" format when passing a variable string to a printf() + function; Debian #646470. + + -- Loïc Minier <loic.min...@ubuntu.com> Thu, 01 Dec 2011 00:25:53 +0100 + t1lib (5.1.2-3build1) lucid; urgency=low * rebuild rest of main for armel armv7/thumb2 optimization; diff -u t1lib-5.1.2/debian/patches/series t1lib-5.1.2/debian/patches/series --- t1lib-5.1.2/debian/patches/series +++ t1lib-5.1.2/debian/patches/series @@ -4,0 +5 @@ +format-security.diff only in patch2: unchanged: --- t1lib-5.1.2.orig/debian/patches/format-security.diff +++ t1lib-5.1.2/debian/patches/format-security.diff @@ -0,0 +1,33 @@ +--- a/lib/type1/objects.c ++++ b/lib/type1/objects.c +@@ -957,7 +957,7 @@ + + sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", + name, TypeFmt(expect), TypeFmt(obj->type)); +- IfTrace0(TRUE,typemsg); ++ IfTrace1(TRUE, "%s", typemsg); + + ObjectPostMortem(obj); + +--- a/lib/t1lib/t1subset.c ++++ b/lib/t1lib/t1subset.c +@@ -759,7 +759,7 @@ + tr_len); + T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, + T1LOG_DEBUG); +- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ ++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ + } + + /* compute size of output file */ +--- a/lib/type1/objects.h ++++ b/lib/type1/objects.h +@@ -214,7 +214,7 @@ + /*SHARED*/ + /* NDW: personally, I want to see status and error messages! */ + #define IfTrace0(condition,model) \ +- {if (condition) printf(model);} ++ {if (condition) fputs(model,stdout);} + #define IfTrace1(condition,model,arg0) \ + {if (condition) printf(model,arg0);} + #define IfTrace2(condition,model,arg0,arg1) \