[cpl-plugin-uves] 03/03: Fix format security errors
Ole Streicher
olebole-guest at moszumanska.debian.org
Sat Dec 7 18:11:29 UTC 2013
This is an automated email from the git hooks/post-receive script.
olebole-guest pushed a commit to branch debian
in repository cpl-plugin-uves.
commit 9db52281928063a04dafdf891513aab8aa86468c
Author: Ole Streicher <debian at liska.ath.cx>
Date: Sat Dec 7 19:11:04 2013 +0100
Fix format security errors
---
debian/patches/fix_compiler_errors.patch | 306 +++++++++++++++++++++++++++++++
1 file changed, 306 insertions(+)
diff --git a/debian/patches/fix_compiler_errors.patch b/debian/patches/fix_compiler_errors.patch
new file mode 100644
index 0000000..5959f5e
--- /dev/null
+++ b/debian/patches/fix_compiler_errors.patch
@@ -0,0 +1,306 @@
+Author: Ole Streicher <debian at liska.ath.cx>
+Description: Fix format security errors
+--- a/uves/uves_propertylist.c
++++ b/uves/uves_propertylist.c
+@@ -129,7 +129,7 @@
+ uves_propertylist_append_string(plist, cpl_property_get_name(p), cpl_property_get_string(p));
+ break;
+ default:
+- cpl_msg_error("Unknown property type: %s", uves_tostring_cpl_type(cpl_property_get_type(p)));
++ cpl_msg_error(__func__,"Unknown property type: %s", uves_tostring_cpl_type(cpl_property_get_type(p)));
+ cpl_error_set(__func__, CPL_ERROR_UNSUPPORTED_MODE);
+ break;
+ }
+@@ -165,7 +165,7 @@
+ cpl_propertylist_prepend_string(plist, cpl_property_get_name(p), cpl_property_get_string(p));
+ break;
+ default:
+- cpl_msg_error("Unknown property type: %s", uves_tostring_cpl_type(cpl_property_get_type(p)));
++ cpl_msg_error(__func__,"Unknown property type: %s", uves_tostring_cpl_type(cpl_property_get_type(p)));
+ cpl_error_set(__func__, CPL_ERROR_UNSUPPORTED_MODE);
+ break;
+ }
+--- a/uves/uves_reduce_mflat_combine.c
++++ b/uves/uves_reduce_mflat_combine.c
+@@ -460,7 +460,7 @@
+ "Error getting filename");
+
+
+- sprintf(pro_filename,product_filename);
++ sprintf(pro_filename, "%s", product_filename);
+ product_header=uves_propertylist_duplicate(hflat);
+ product_tag[uves_chip_get_index(chip)] = UVES_MASTER_FLAT(chip);
+
+--- a/uves/uves_dfs.c
++++ b/uves/uves_dfs.c
+@@ -716,8 +716,8 @@
+ int uves_check_rec_status(const int val) {
+ if(cpl_error_get_code() != CPL_ERROR_NONE) {
+ uves_msg_error("error before %d",val);
+- uves_msg_error((char* ) cpl_error_get_message());
+- uves_msg_error((char* ) cpl_error_get_where());
++ uves_msg_error("%s", (char* ) cpl_error_get_message());
++ uves_msg_error("%s", (char* ) cpl_error_get_where());
+ return -1;
+ }
+ return 0;
+--- a/uves/uves_parameters.c
++++ b/uves/uves_parameters.c
+@@ -1959,7 +1959,7 @@
+ cpl_pluginlist_delete(list);
+ FAIL(-1, CPL_ERROR_ILLEGAL_INPUT, "Plugin name is NULL");
+ }
+- sprintf(name,cpl_plugin_get_name(plugin));
++ sprintf(name, "%s", cpl_plugin_get_name(plugin));
+
+ if (cpl_plugin_get_type(plugin) != CPL_PLUGIN_TYPE_RECIPE)
+ {
+--- a/uves/uves_physmod_plotmod.c
++++ b/uves/uves_physmod_plotmod.c
+@@ -169,31 +169,31 @@
+
+
+ /* 1st plot */
+- check(uves_plot_table(tbl, "XMOD", "XDIF", title),
++ check(uves_plot_table(tbl, "XMOD", "XDIF", "%s", title),
+ "Plotting failed");
+
+ /* 2nd plot */
+- check(uves_plot_table(tbl, "XMOD", "YDIF", title),
++ check(uves_plot_table(tbl, "XMOD", "YDIF", "%s", title),
+ "Plotting failed");
+
+
+ /* 3rd plot */
+- check(uves_plot_table(tbl, "YMOD", "XDIF", title),
++ check(uves_plot_table(tbl, "YMOD", "XDIF", "%s", title),
+ "Plotting failed");
+
+
+ /* 4th plot */
+- check(uves_plot_table(tbl, "YMOD", "YDIF", title),
++ check(uves_plot_table(tbl, "YMOD", "YDIF", "%s", title),
+ "Plotting failed");
+
+
+ /* 5th plot */
+- check(uves_plot_table(tbl, "XDIF", "YDIF", title),
++ check(uves_plot_table(tbl, "XDIF", "YDIF", "%s", title),
+ "Plotting failed");
+
+
+ /* 6th plot */
+- check(uves_plot_table(tbl, "XMOD", "YMOD", title),
++ check(uves_plot_table(tbl, "XMOD", "YMOD", "%s", title),
+ "Plotting failed");
+
+ cleanup:
+--- a/flames/flames_obs_scired_impl.c
++++ b/flames/flames_obs_scired_impl.c
+@@ -3035,9 +3035,9 @@
+ int outputi=0;
+
+
+- char mess1[80] = "I'm starting with the standard extraction...";
+- char mess2[80] = "The sigma which will be used for the background is %f";
+- char mess3[80] = "The integration window which will be used is %d";
++ const char mess1[80] = "I'm starting with the standard extraction...";
++ const char mess2[80] = "The sigma which will be used for the background is %f";
++ const char mess3[80] = "The integration window which will be used is %d";
+
+
+ check_nomsg(IN_A=cpl_frame_get_filename(sci));
+--- a/flames/flames_cal_prep_sff_ofpos_impl.c
++++ b/flames/flames_cal_prep_sff_ofpos_impl.c
+@@ -2039,8 +2039,8 @@
+ const char *IN_F = out_tab;
+ double SIGMA = DRS_K_S_THRE;
+
+- const char *mess1 = "I'm starting with the optimal extraction...";
+- const char *mess2 = "The sigma which will be used is %f";
++ const char mess1[80] = "I'm starting with the optimal extraction...";
++ const char mess2[80] = "The sigma which will be used is %f";
+
+ check( IN_E_table = cpl_table_load(IN_E, 1, 1),
+ "Failed to load table %s", IN_E);
+--- a/flames/flames_fillholes.c
++++ b/flames/flames_fillholes.c
+@@ -747,7 +747,7 @@
+
+ if ( strcmp(drs_verbosity,"LOW") == 0 ){
+ } else {
+- sprintf(output,drs_id);
++ sprintf(output, "%s", drs_id);
+ SCTPUT(output);
+ SCTPUT("Warning: interpolated large negative value:");
+ sprintf(output, "pixel=%g and sigma=%g at x=%d, \
+@@ -1079,7 +1079,7 @@
+
+ if ( strcmp(drs_verbosity,"LOW") == 0 ) {
+ } else {
+- sprintf(output,drs_id);
++ sprintf(output, "%s", drs_id);
+ SCTPUT(output);
+ SCTPUT("Warning: interpolated large negative value:");
+ sprintf(output, "pixel=%g and sigma=%g at x=%d, \
+@@ -1105,7 +1105,7 @@
+
+ if ( strcmp(drs_verbosity,"LOW") == 0 ) {
+ } else {
+- sprintf(output,drs_id);
++ sprintf(output, "%s", drs_id);
+ SCTPUT(output);
+ SCTPUT("Warning: interpolated too large normalised \
+ value:");
+@@ -1250,7 +1250,7 @@
+ /* we were unable to find any good slice for this fibre, discard it */
+ allflatsin->fibremask[ifibre] = FALSE;
+ ordpos->fibremask[ifibre] = FALSE;
+- sprintf(output,drs_id);
++ sprintf(output, "%s", drs_id);
+ SCTPUT(output);
+ sprintf(output, "fracslices=%f Warning: ignoring fibre %d which has poor coverage",
+ fracslices,ifibre+1);
+--- a/uves/tests/uves_utils-test.c
++++ b/uves/tests/uves_utils-test.c
+@@ -60,7 +60,7 @@
+ #ifdef VERBOSE
+
+ #define test_data(r,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ r = f; \
+@@ -76,7 +76,7 @@
+ #define test_data(r,f,m) \
+ r = f; \
+ if (!r) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Failure\n"); \
+ \
+ return 1; \
+@@ -95,7 +95,7 @@
+ #ifdef VERBOSE
+
+ #define test(f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ if (f) { \
+@@ -109,7 +109,7 @@
+
+ #define test(f,m) \
+ if (f) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Failure\n"); \
+ \
+ return 1; \
+@@ -128,7 +128,7 @@
+ #ifdef VERBOSE
+
+ #define test_failure(e,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ if (f != e) { \
+@@ -146,7 +146,7 @@
+
+ #define test_failure(e,f,m) \
+ if (f != e) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("\n"); \
+ printf(" Received error: \"%s\"\n", cpl_error_get_message()); \
+ cpl_error_set("cpl_table-test", e); \
+@@ -170,7 +170,7 @@
+ #ifdef VERBOSE
+
+ #define test_ivalue(e,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ itest = f; \
+@@ -186,7 +186,7 @@
+ #define test_ivalue(e,f,m) \
+ itest = f; \
+ if (itest != e) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Received %d, expected %d\n", itest, e); \
+ \
+ return 1; \
+@@ -206,7 +206,7 @@
+ #ifdef VERBOSE
+
+ #define test_pvalue(e,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ ptest = f; \
+@@ -222,7 +222,7 @@
+ #define test_pvalue(e,f,m) \
+ ptest = f; \
+ if (ptest != e) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Received %p, expected %p\n", ptest, e); \
+ \
+ return 1; \
+@@ -242,7 +242,7 @@
+ #ifdef VERBOSE
+
+ #define test_fvalue(e,t,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ ftest = f; \
+@@ -258,7 +258,7 @@
+ #define test_fvalue(e,t,f,m) \
+ ftest = f; \
+ if (fabs(ftest - (e)) > t) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Received %f, expected %f\n", ftest, e); \
+ \
+ return 1; \
+@@ -277,7 +277,7 @@
+ #ifdef VERBOSE
+
+ #define test_svalue(e,f,m) \
+-printf(m); \
++printf("%s", m); \
+ fflush(stdout); \
+ fflush(stderr); \
+ stest = f; \
+@@ -293,7 +293,7 @@
+ #define test_svalue(e,f,m) \
+ stest = f; \
+ if (strcmp(e,stest)) { \
+- printf(m); \
++ printf("%s", m); \
+ printf("Received %s, expected %s\n", stest, e); \
+ \
+ return 1; \
+--- a/uves/tests/uves_response-test.c
++++ b/uves/tests/uves_response-test.c
+@@ -153,10 +153,10 @@
+ check( ref_dec = cpl_table_get_double(flux_table, "DEC_DEG", i, NULL),
+ "Could not read catalogue star declination");
+
+- check( sprintf(ref_name, cpl_table_get_string(flux_table, "OBJECT", i)),
++ check( sprintf(ref_name, "%s", cpl_table_get_string(flux_table, "OBJECT", i)),
+ "Could not read reference object name");
+
+- check( sprintf(ref_type,cpl_table_get_string(flux_table, "TYPE", i)),
++ check( sprintf(ref_type, "%s", cpl_table_get_string(flux_table, "TYPE", i)),
+ "Could not read reference object type");
+
+ uves_msg("std: %s \t %s \t %f \t %f",ref_name,ref_type,ref_ra,ref_dec);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-science/packages/cpl-plugin-uves.git
More information about the debian-science-commits
mailing list