Signed-off-by: Khem Raj <raj.k...@gmail.com> --- .../t1lib/t1lib-5.1.2/format_security.patch | 41 ++++++++++++++++++++++ meta-oe/recipes-extended/t1lib/t1lib_5.1.2.bb | 3 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-extended/t1lib/t1lib-5.1.2/format_security.patch
diff --git a/meta-oe/recipes-extended/t1lib/t1lib-5.1.2/format_security.patch b/meta-oe/recipes-extended/t1lib/t1lib-5.1.2/format_security.patch new file mode 100644 index 000000000..8b4ce400f --- /dev/null +++ b/meta-oe/recipes-extended/t1lib/t1lib-5.1.2/format_security.patch @@ -0,0 +1,41 @@ +Fix printf formats to use format qualifiers +fixes + +error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] + +Signed-off-by: Khem Raj <raj.k...@gmail.com> +Upstream-Status: Pending + +--- a/lib/type1/objects.c ++++ b/lib/type1/objects.c +@@ -957,7 +957,7 @@ + + sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", + name, TypeFmt(expect), TypeFmt(obj->type)); +- IfTrace0(TRUE,typemsg); ++ IfTrace1(TRUE, "%s", typemsg); + + ObjectPostMortem(obj); + +--- a/lib/t1lib/t1subset.c ++++ b/lib/t1lib/t1subset.c +@@ -759,7 +759,7 @@ + tr_len); + T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, + T1LOG_DEBUG); +- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ ++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ + } + + /* compute size of output file */ +--- a/lib/type1/objects.h ++++ b/lib/type1/objects.h +@@ -214,7 +214,7 @@ + /*SHARED*/ + /* NDW: personally, I want to see status and error messages! */ + #define IfTrace0(condition,model) \ +- {if (condition) printf(model);} ++ {if (condition) fputs(model,stdout);} + #define IfTrace1(condition,model,arg0) \ + {if (condition) printf(model,arg0);} + #define IfTrace2(condition,model,arg0,arg1) \ diff --git a/meta-oe/recipes-extended/t1lib/t1lib_5.1.2.bb b/meta-oe/recipes-extended/t1lib/t1lib_5.1.2.bb index 1d670a7d7..826dbda85 100644 --- a/meta-oe/recipes-extended/t1lib/t1lib_5.1.2.bb +++ b/meta-oe/recipes-extended/t1lib/t1lib_5.1.2.bb @@ -9,7 +9,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=8ca43cbc842c2336e835926c2166c28b \ SRC_URI = "${DEBIAN_MIRROR}/main/t/t1lib/t1lib_${PV}.orig.tar.gz \ file://configure.patch \ - file://libtool.patch" + file://libtool.patch \ + file://format_security.patch" SRC_URI[md5sum] = "a5629b56b93134377718009df1435f3c" SRC_URI[sha256sum] = "821328b5054f7890a0d0cd2f52825270705df3641dbd476d58d17e56ed957b59" -- 2.12.0 -- _______________________________________________ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel