Hi Yaroslav, Mike, TigerVNC developers, Am 06.04.2012 19:08, schrieb Mike Gabriel: > Hi Joachim, > > (reincluding the ITP isssue...) > > On Fr 06 Apr 2012 18:59:47 CEST Joachim Falk wrote: > >> Am 06.04.2012 18:38, schrieb Mike Gabriel: >>> Hi Joachim, Yaroslav, >>> >>> [SNIP] >>> >>> I have tested latest stuff in Git, please do a pull on master >>> branch on Alioth, I have committed some build-deps. >>> >>> However, build fails (on squeeze _and_ sid)... See below... >>> >>> Any ideas? >> >> Yes. You have a more paranoid build environment than me, i.e., >> -Wformat -Wformat-security -Werror=format-security. >> And the compiler caught a security violation. Format string is not >> constant but some (maybe user) input. >> >> } catch (rdr::Exception& e) { >> vlog.error(e.str()); >> fl_alert(e.str()); >> exit_vncviewer(); >> return; >> } >> >> http://www.fltk.org/doc-1.3/group__group__comdlg.html >> >> fl_alert(e.str()); => fl_alert("%s", e.str()); <= that should work > > So we need some CXX flags in debian/rules? Any recommendations? The > package should build on paranoid and non-paranoid systems, I guess. > > Can you provide a patch? > > Thanks, > Mike
Am 06.04.2012 19:17, schrieb Yaroslav Halchenko: > my 1c: CXX flags should not be overridden to filter out paranoidal flags I concur > (it is ok to extend with -O0 for noopt, etc) -- that would complicate > various hardening etc ports attempts. But providing a patch for > upstream allowing to build on such systems would be beneficial! tigervnc-devel should suffice Mike, Yaroslav, please do a pull on the master branch on Alioth. (I hope) I have fixed the issue. However, the fix still needs to be tested. Furthermore, I have attached the fix for the benefit of tigervnc-devel. Regards, Joachim -- Joachim Falk <joachim.f...@gmx.de> You can always tell a really good idea by the enemies it makes. --programmers' axiom
Index: vncviewer/Viewport.cxx =================================================================== --- a/vncviewer/Viewport.cxx (Revision 4882) +++ b/vncviewer/Viewport.cxx (Arbeitskopie) @@ -950,7 +950,7 @@ case ID_INFO: if (fltk_escape(cc->connectionInfo(), buffer, sizeof(buffer)) < sizeof(buffer)) { fl_message_title(_("VNC connection info")); - fl_message(buffer); + fl_message("%s", buffer); } break; case ID_ABOUT: Index: vncviewer/vncviewer.cxx =================================================================== --- a/vncviewer/vncviewer.cxx (Revision 4882) +++ b/vncviewer/vncviewer.cxx (Arbeitskopie) @@ -86,7 +86,7 @@ void about_vncviewer() { fl_message_title(_("About TigerVNC Viewer")); - fl_message(aboutText); + fl_message("%s", aboutText); } static void about_callback(Fl_Widget *widget, void *data) @@ -311,7 +311,7 @@ delete cc; if (exitError != NULL) - fl_alert(exitError); + fl_alert("%s", exitError); return 0; } Index: vncviewer/UserDialog.cxx =================================================================== --- a/vncviewer/UserDialog.cxx (Revision 4882) +++ b/vncviewer/UserDialog.cxx (Arbeitskopie) @@ -156,16 +156,16 @@ switch (flags & 0xf) { case M_OKCANCEL: - return fl_choice(buffer, NULL, fl_ok, fl_cancel) == 1; + return fl_choice("%s", NULL, fl_ok, fl_cancel, buffer) == 1; case M_YESNO: - return fl_choice(buffer, NULL, fl_yes, fl_no) == 1; + return fl_choice("%s", NULL, fl_yes, fl_no, buffer) == 1; case M_OK: default: if (((flags & 0xf0) == M_ICONERROR) || ((flags & 0xf0) == M_ICONWARNING)) - fl_alert(buffer); + fl_alert("%s", buffer); else - fl_message(buffer); + fl_message("%s", buffer); return true; } Index: vncviewer/CConn.cxx =================================================================== --- a/vncviewer/CConn.cxx (Revision 4882) +++ b/vncviewer/CConn.cxx (Arbeitskopie) @@ -100,7 +100,7 @@ vlog.info(_("connected to host %s port %d"), serverHost, serverPort); } catch (rdr::Exception& e) { vlog.error(e.str()); - fl_alert(e.str()); + fl_alert("%s", e.str()); exit_vncviewer(); return; }
signature.asc
Description: OpenPGP digital signature