Package: xdvik-ja
Version: 22.84.13-j1.34-3
Followup-For: Bug #644048
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
In Debian sid, the attached patch can be applied to achieve the following:
* Add 100_fix_werror_format-security.diff to resolve FTBFS with
format strings. (Closes: #644048)
Thanks for considering the patch.
-- System Information:
Debian Release: wheezy/sid
APT prefers oneiric-updates
APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500,
'oneiric-proposed'), (500, 'oneiric')
Architecture: amd64 (x86_64)
Kernel: Linux 3.0.0-12-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru xdvik-ja-22.84.13-j1.34/debian/patches/100_fix_werror_format-security.diff xdvik-ja-22.84.13-j1.34/debian/patches/100_fix_werror_format-security.diff
--- xdvik-ja-22.84.13-j1.34/debian/patches/100_fix_werror_format-security.diff 1969-12-31 19:00:00.000000000 -0500
+++ xdvik-ja-22.84.13-j1.34/debian/patches/100_fix_werror_format-security.diff 2011-11-09 17:34:53.000000000 -0500
@@ -0,0 +1,35 @@
+diff -Nur -x '*.orig' -x '*~' xdvik-ja-22.84.13-j1.34/build-tree/xdvik-22.84.13/texk/xdvik/gui/message-window.c xdvik-ja-22.84.13-j1.34.new/build-tree/xdvik-22.84.13/texk/xdvik/gui/message-window.c
+--- xdvik-22.84.13/texk/xdvik/gui/message-window.c 2007-07-14 03:47:45.000000000 -0400
++++ xdvik-22.84.13/texk/xdvik/gui/message-window.c 2011-11-09 17:34:51.000000000 -0500
+@@ -704,7 +704,7 @@
+ Widget ret;
+
+ ASSERT(type < (sizeof my_msg_map / sizeof my_msg_map[0]), "too few elements in my_msg_map");
+- sprintf(win_title, my_msg_map[type].window_title);
++ sprintf(win_title, "%s", my_msg_map[type].window_title);
+
+ #if DEBUG
+ fprintf(stderr, "internal_popup_window called with prompt: \"%s\"\n", msg_buf);
+@@ -716,11 +716,11 @@
+ supposed to be printf-format strings (i.e. with doubled `%' to escape them)
+ */
+ fprintf(stderr, "\n%s:\n", my_msg_map[type].window_title);
+- fprintf(stderr, msg_buf);
++ fprintf(stderr, "%s", msg_buf);
+ fprintf(stderr, "\n");
+ if (helptext) {
+ fprintf(stderr, "---------- helptext ----------\n");
+- fprintf(stderr, helptext);
++ fprintf(stderr, "%s", helptext);
+ fprintf(stderr, "\n---------- end of helptext ----------\n");
+ }
+ return NULL;
+@@ -732,7 +732,7 @@
+ if (my_popup_num == MAX_POPUPS) {
+ /* already enough popups on screen, just dump it to stderr */
+ fprintf(stderr, "%s: ", win_title);
+- fprintf(stderr, msg_buf);
++ fprintf(stderr, "%s", msg_buf);
+ fputc('\n', stderr);
+ /* Note: If a mad function continues to open popups, this will
+ * stop after MAX_POPUPS, but open a new window for each
