[tecnoballz] 31/56: Harden the build unless the "nohardening" option is specified.

Fri Jan 30 12:12:55 UTC 2015

This is an automated email from the git hooks/post-receive script.

apo-guest pushed a commit to branch master
in repository tecnoballz.

commit b608ed10124eab94faa31e3f7d10a804d14036ee
Author: Peter Pentchev <roam at ringlet.net>
Date:   Fri Feb 18 14:03:58 2011 +0000

    Harden the build unless the "nohardening" option is specified.
---
 debian/changelog                  |  1 +
 debian/control                    |  1 +
 debian/patches/032_warnings.patch | 75 ++++++++++++++++++++++++++++++++++++++-
 debian/rules                      |  6 ++++
 4 files changed, 82 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 3d2619e..c982e7a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,6 +15,7 @@ tecnoballz (0.92-4) UNRELEASED; urgency=low
     build option is specified.
   * Add the 032_warnings patch to fix a slew of compiler warnings.
   * Bump Standards-Version to 3.9.1 with no changes.
+  * Harden the build unless the "nohardening" build option is specified.
 
  -- Peter Pentchev <roam at ringlet.net>  Thu, 17 Feb 2011 10:35:58 +0200
 
diff --git a/debian/control b/debian/control
index 122dcd5..6adba9c 100644
--- a/debian/control
+++ b/debian/control
@@ -4,6 +4,7 @@ Priority: optional
 Maintainer: Debian Games Team <pkg-games-devel at lists.alioth.debian.org>
 Uploaders: Barry deFreese <bdefreese at debian.org>
 Build-Depends: debhelper (>= 8), autoconf, automake, dpkg-dev (>= 1.15.7~),
+               hardening-includes,
                libsdl-mixer1.2-dev, 
                libmikmod2-dev, libxext-dev, libvorbis-dev, 
                libogg-dev, libsmpeg-dev, libxxf86dga-dev, 
diff --git a/debian/patches/032_warnings.patch b/debian/patches/032_warnings.patch
index c227529..cb995a5 100644
--- a/debian/patches/032_warnings.patch
+++ b/debian/patches/032_warnings.patch
@@ -4,6 +4,7 @@ Description: Fix some compiler warnings.
  - add some parentheses to disambiguate operations' priority
  - initialize a loop index to avoid an array[-1] access
  - add some parentheses to fix a comparison's logic
+ - check for write(2) errors
 Forwarded: no
 Author: Peter Pentchev <roam at ringlet.net>
 Last-Update: 2011-02-17
@@ -68,6 +69,42 @@ Last-Update: 2011-02-17
  {
    /* locate a file under one of the data directories */
    char *pname = locate_data_file (fname);
+@@ -759,6 +759,9 @@
+ void
+ handler_resources::save_high_score_file (char *buffer, Uint32 size)
+ {
++  size_t left;
++  ssize_t n;
++
+ #ifdef WIN32
+   /* set umask so that files are group-writable */
+   _umask (0002);
+@@ -772,11 +775,23 @@
+                "handler_resources::saveScores(): file:%s / error:%s\n",
+                fnamescore, strerror (errno));
+     }
++  left = size;
++  while (left > 0)
++    {
+ #ifdef WIN32
+-  _write (fhand, buffer, size);
++      n = _write (fhand, buffer + size - left, left);
+ #else
+-  write (fhand, buffer, size);
++      n = write (fhand, buffer + size - left, left);
+ #endif
++      if (n == -1)
++	{
++	  fprintf (stderr, "handler_resources::saveScores(): file: %s / error:%s\n",
++	      fnamescore, strerror(errno));
++	  close (fhand);
++	  return;
++	}
++      left -= n;
++  }
+   if (close (fhand) == -1)
+     {
+       fprintf (stderr,
 --- a/include/handler_resources.h
 +++ b/include/handler_resources.h
 @@ -42,7 +42,7 @@
@@ -143,7 +180,16 @@ Last-Update: 2011-02-17
    gem_id = h;
 --- a/src/supervisor_map_editor.cc
 +++ b/src/supervisor_map_editor.cc
-@@ -832,7 +832,7 @@
+@@ -774,6 +774,8 @@
+ //map_size = map_size * 2;
+   Uint32
+   bytes_size = map_size * sizeof (Uint16);
++  size_t left;
++  ssize_t n;
+ 
+   /*
+     Uint16 *map2 = new Uint16[map_size];
+@@ -832,7 +834,7 @@
  #else
    umask (0002);
  #endif
@@ -152,6 +198,33 @@ Last-Update: 2011-02-17
    filename = "edmap.data";
    Sint32
    handle = open (filename, O_WRONLY | O_CREAT, 00666);
+@@ -843,11 +845,24 @@
+       delete[]filedata;
+       return false;
+     }
++  left = bytes_size;
++  while (left > 0)
++    {
+ #ifdef WIN32
+-  _write (handle, filedata, bytes_size);
++      n = _write (handle, filedata + bytes_size - left, left);
+ #else
+-  write (handle, filedata, bytes_size);
++      n = write (handle, filedata + bytes_size - left, left);
+ #endif
++      if (n == -1)
++	{
++	  std::cerr << "supervisor_map_editor::save_tilesmap() file " <<
++	    filename << "; error " << strerror (errno) << std::endl;
++	  close (handle);
++	  delete[]filedata;
++	  return false;
++	}
++      left -= n;
++    }
+   if (close (handle) == -1)
+     {
+       std::cerr << "supervisor_map_editor::save_tilesmap() file " <<
 --- a/include/supervisor_shop.h
 +++ b/include/supervisor_shop.h
 @@ -164,7 +164,7 @@
diff --git a/debian/rules b/debian/rules
index ddb5a60..03d77bc 100755
--- a/debian/rules
+++ b/debian/rules
@@ -14,6 +14,12 @@ ifeq (,$(filter nowerror,$(DEB_BUILD_OPTIONS)))
 	CXXFLAGS+=	-Werror
 endif
 
+include /usr/share/hardening-includes/hardening.make
+ifeq (,$(filter nohardening,$(DEB_BUILD_OPTIONS)))
+CXXFLAGS+=	$(HARDENING_CFLAGS)
+LDFLAGS+=	$(HARDENING_LDFLAGS)
+endif
+
 export CPPFLAGS CXXFLAGS LDFLAGS
 
 override_dh_auto_configure:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-games/tecnoballz.git

