Package: blhc
Version: 0.11-1
Severity: normal
Hi,
I've been trying to fix a dpkg-buildflags-missing CPPFLAGS lintian issue
in the w1retap package, the blhc output on the build log is:
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): libtool: link: (cd .libs && gcc -g -O2
-fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat
-Werror=format-security -Wall -c -fno-builtin "w1retapS.c")
However looking at the build log snippet[0] the full command is actually
a call to libtool in link mode. This libtool invocation generates a new
S.c file to generate dlsyms information. Looking at the internals of a
generated libtool[1], it's basing the gcc args on LTCFLAGS.
When libtool is generated it bases its LTCFLAGS from CFLAGS[2]. Looking
at the dpkg-buildflags hardening the -D_FORTIFY_SOURCE=2 flag is for
CPPFLAGS rather than CFLAGS[3].
If I rebuild[4] adding qa=+canary to DEB_BUILD_MAINT_OPTIONS I can see
that the canary CFLAGS get added to the libtool call and to the same gcc
call for w1retapS.c for dlsyms generation.
I suspect that blhc is erroneously reporting this.
Kind Regards
Tom
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (800, 'testing'), (700, 'unstable'), (600, 'experimental'), (500,
'unstable-debug'), (500, 'testing-debug'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: armel, armhf, i386
Kernel: Linux 5.4.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages blhc depends on:
ii libdpkg-perl 1.19.7
blhc recommends no packages.
blhc suggests no packages.
-- debconf-show failed
-- footnotes
[0]
/bin/bash ../libtool --tag=CC --mode=link gcc -g -O2
-fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat
-Werror=format-security -Wall -m
odule -Wl,--export-dynamic -lgmodule-2.0 -pthread -lglib-2.0 -lxml2
-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -Wl,--disable-new-dtags -o libw1xml.la
-rpath /usr/li
b/x86_64-linux-gnu/w1retap libw1xml_la-w1xml.lo -lxml2 -lrt -lm
libtool: link: gcc -shared -fPIC -DPIC .libs/w1csv.o -lgmodule-2.0
-lglib-2.0 -lxml2 -lrt -lm -g -O2 -fstack-protector-strong
-Wl,--export-dynamic -pthread
-Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--as-needed -Wl,--disable-new-dtags
-pthread -Wl,-soname -Wl,libw1csv.so.0 -o .libs/libw1csv.so.0.0.0
libtool: link: gcc -shared -fPIC -DPIC .libs/w1file.o -lgmodule-2.0
-lglib-2.0 -lxml2 -lrt -lm -g -O2 -fstack-protector-strong
-Wl,--export-dynamic -pthread
-Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--as-needed -Wl,--disable-new-dtags
-pthread -Wl,-soname -Wl,libw1file.so.0 -o .libs/libw1file.so.0.0.0
libtool: link: gcc -shared -fPIC -DPIC .libs/libw1xml_la-w1xml.o
-lgmodule-2.0 -lglib-2.0 -lxml2 -lrt -lm -g -O2 -fstack-protector-strong
-Wl,--export-dynam
ic -pthread -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--as-needed
-Wl,--disable-new-dtags -pthread -Wl,-soname -Wl,libw1xml.so.0 -o
.libs/libw1xml.so.0.0.0
libtool: link: (cd ".libs" && rm -f "libw1file.so.0" && ln -s
"libw1file.so.0.0.0" "libw1file.so.0")
libtool: link: (cd ".libs" && rm -f "libw1csv.so.0" && ln -s
"libw1csv.so.0.0.0" "libw1csv.so.0")
libtool: link: (cd ".libs" && rm -f "libw1file.so" && ln -s
"libw1file.so.0.0.0" "libw1file.so")
libtool: link: (cd ".libs" && rm -f "libw1csv.so" && ln -s "libw1csv.so.0.0.0"
"libw1csv.so")
libtool: link: ar cru .libs/libw1file.a w1file.o
ar: `u' modifier ignored since `D' is the default (see `U')
libtool: link: ranlib .libs/libw1file.a
libtool: link: ar cru .libs/libw1csv.a w1csv.o
ar: `u' modifier ignored since `D' is the default (see `U')
libtool: link: ranlib .libs/libw1csv.a
libtool: link: (cd ".libs" && rm -f "libw1xml.so.0" && ln -s
"libw1xml.so.0.0.0" "libw1xml.so.0")
libtool: link: (cd ".libs" && rm -f "libw1xml.so" && ln -s "libw1xml.so.0.0.0"
"libw1xml.so")
libtool: link: ( cd ".libs" && rm -f "libw1file.la" && ln -s "../libw1file.la"
"libw1file.la" )
libtool: link: ( cd ".libs" && rm -f "libw1csv.la" && ln -s "../libw1csv.la"
"libw1csv.la" )
libtool: link: ar cru .libs/libw1xml.a libw1xml_la-w1xml.o
/bin/bash ../libtool --tag=CC --mode=link gcc -g -O2
-fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat
-Werror=format-security -Wall -r
dynamic -Wl,--export-dynamic -lgmodule-2.0 -pthread -lglib-2.0 -Wl,-z,relro
-Wl,-z,now -Wl,--as-needed -Wl,--disable-new-dtags -o w1retap w1retap-w1retap.o
w1r
etap-w1conf.o w1retap-w1util.o w1retap-w1sensors.o "-dlopen" libw1file.la
-L./libusblinux300/.libs -L./libusblinux300 -lowfat -lw1common -lm -lxml2 -lrt
-lm
ar: `u' modifier ignored since `D' is the default (see `U')
libtool: link: ranlib .libs/libw1xml.a
libtool: link: ( cd ".libs" && rm -f "libw1xml.la" && ln -s "../libw1xml.la"
"libw1xml.la" )
libtool: link: rm -f .libs/w1retap.nm .libs/w1retap.nmS .libs/w1retap.nmT
