Package: orafce
Version: 3.0.6-1
Usertags: goto-cc

During a rebuild of all packages in a clean sid chroot (and cowbuilder+pbuilder)
the build failed with the following error. Please note that we use our research
compiler tool-chain (using tools from the cbmc package), which permits extended
reporting on type inconsistencies at link time.
[...]
gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat 
-Werror=format-security -fPIC -pie -I/usr/include/mit-krb5 
-DLINUX_OOM_SCORE_ADJ=0 -fno-omit-frame-pointer -Wall -Wmissing-prototypes 
-Wpointer-arith -Wdeclaration-after-statement -Wendif-labels 
-Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv 
-fexcess-precision=standard -g -fpic -shared -o orafunc.so convert.o file.o 
datefce.o magic.o others.o plvstr.o plvdate.o shmmc.o plvsubst.o utility.o 
plvlex.o alert.o pipe.o sqlparse.o putline.o assert.o plunit.o random.o 
aggregate.o -L/usr/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed 
-L/usr/lib/mit-krb5 -L/usr/lib/x86_64-linux-gnu/mit-krb5  -Wl,--as-needed   
-L/usr/lib/gettextlib

error: conflicting function declarations "orafce_sql_yyerror"
old definition in module plvlex file plvlex.c line 40
void (const char *)
new definition in module sqlparse file sqlscan.l line 905
void (struct List **result, const char *message)
/usr/lib/postgresql/9.3/lib/pgxs/src/makefiles/../../src/Makefile.shlib:329: 
recipe for target 'orafunc.so' failed
make[2]: *** [orafunc.so] Error 64
make[2]: Leaving directory 
'/srv/jenkins-slave/workspace/sid-goto-cc-orafce/orafce-3.0.6'
debian/rules:11: recipe for target 'override_dh_auto_install' failed
make[1]: *** [override_dh_auto_install] Error 2

It seems plvlex.c both declares and uses yyerror in the wrong way:

http://sources.debian.net/src/orafce/3.0.6-1/plvlex.c?hl=210#L210

Rather the declaration should be as seen here:

http://sources.debian.net/src/orafce/3.0.6-1/sqlparse.y?hl=47#L47

to match the definition here:

http://sources.debian.net/src/orafce/3.0.6-1/sqlscan.l?hl=905#L905

In the current set up, stack underflow will necessarily occur, resulting in
undefined behaviour.

Best,
Michael

Attachment: pgpCZtg97_Iej.pgp
Description: PGP signature

Reply via email to