[Pkg-gpe-maintainers] Bug#643421: libeventdb: FTBFS: sqlite.c:429:7: error: format not a string literal and no format arguments [-Werror=format-security]

Didier Raboud odyx at debian.org
Tue Sep 27 12:32:14 UTC 2011


Source: libeventdb
Version: 0.90-4
Severity: serious
Tags: wheezy sid
User: debian-qa at lists.debian.org
Usertags: qa-ftbfs-20110923 qa-ftbfs hardening-format-security hardening
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part:
>  gcc -DPACKAGE_NAME=\"libeventdb\" -DPACKAGE_TARNAME=\"libeventdb\" -DPACKAGE_VERSION=\"0.90\" "-DPACKAGE_STRING=\"libeventdb 0.90\"" -DPACKAGE_BUGREPORT=\"gpe-list at linuxtogo.org\" -DPACKAGE=\"libeventdb\" -DVERSION=\"0.90\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -I. -I. -pthread -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -D_XOPEN_SOURCE -DPACKAGE_LOCALE_DIR=\"/usr/share/locale/libeventdb\" -D_GNU_SOURCE -g -O2 -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Wall -c sqlite.c  -fPIC -DPIC -o .libs/sqlite.o
> sqlite.c: In function 'do_events_enumerate':
> sqlite.c:429:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_set_default_calendar':
> sqlite.c:444:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_eventid_to_uid':
> sqlite.c:465:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_new':
> sqlite.c:500:3: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_load':
> sqlite.c:531:3: warning: passing argument 3 of 'sqlite_step' from incompatible pointer type [enabled by default]
> /usr/include/sqlite.h:706:5: note: expected 'const char ***' but argument is of type 'char ***'
> sqlite.c:531:3: warning: passing argument 4 of 'sqlite_step' from incompatible pointer type [enabled by default]
> /usr/include/sqlite.h:706:5: note: expected 'const char ***' but argument is of type 'char ***'
> sqlite.c: In function 'do_event_load_details':
> sqlite.c:581:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_flush':
> sqlite.c:680:34: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
> sqlite.c:696:3: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_remove':
> sqlite.c:719:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_list_unacknowledged_alarms':
> sqlite.c:823:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_mark_unacknowledged':
> sqlite.c:867:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_acknowledge_alarms_through':
> sqlite.c:902:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_calendar_new':
> sqlite.c:927:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_calendar_delete':
> sqlite.c:986:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_calendar_list_events':
> sqlite.c:1049:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_calendar_list_deleted':
> sqlite.c:1087:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'do_event_calendar_flush_deleted':
> sqlite.c:1106:7: error: format not a string literal and no format arguments [-Werror=format-security]
> sqlite.c: In function 'event_db_new':
> sqlite.c:1638:7: error: format not a string literal and no format arguments [-Werror=format-security]
> cc1: some warnings being treated as errors
> 
> make[2]: *** [sqlite.lo] Error 1

The full build log is available from:
   http://people.debian.org/~lucas/logs/2011/09/23/libeventdb_0.90-4_lsid64.buildlog

This happened because since dpkg 1.16.0 [0], hardening flags are enabled 
under various conditions.

[0] http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot.  Internet was not
accessible from the build systems.






More information about the Pkg-gpe-maintainers mailing list