[SCM] das-watchdog/master: Hardening fixes:

[alessio at users.alioth.debian.org]

The following commit has been merged in the master branch:
commit df4e9e6930fccdd82b68891b6139e2745fb2a234
Author: Alessio Treglia <alessio at debian.org>
Date:   Wed Oct 16 17:44:21 2013 +0100

    Hardening fixes:
    
    - Patch buildsystem to accept compiler and linker flags set in the
      external environment.
    - Add patch to fix build failure with -Werror=format-security.

diff --git a/debian/patches/02-makefile.patch b/debian/patches/02-makefile.patch
new file mode 100644
index 0000000..01b8f5c
--- /dev/null
+++ b/debian/patches/02-makefile.patch
@@ -0,0 +1,20 @@
+Description: Accept environemnt's compiler and linker flags.
+Author: Alessio Treglia <alessio at debian.org>
+Forwarded: no
+---
+ Makefile |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- das-watchdog.orig/Makefile
++++ das-watchdog/Makefile
+@@ -10,8 +10,8 @@ DIST=$(TAR)-$(VERSION)
+ 
+ all:
+ 	which xmessage
+-	gcc das_watchdog.c -o das_watchdog $(FLAGS)
+-	gcc test_rt.c -o test_rt
++	gcc $(LDFLAGS) $(CFLAGS) $(CPPFLAGS) das_watchdog.c -o das_watchdog $(FLAGS)
++	gcc $(LDFLAGS) $(CFLAGS) $(CPPFLAGS) test_rt.c -o test_rt
+ 
+ dist:
+ 	make clean
diff --git a/debian/patches/03-hardening.patch b/debian/patches/03-hardening.patch
new file mode 100644
index 0000000..33f4033
--- /dev/null
+++ b/debian/patches/03-hardening.patch
@@ -0,0 +1,44 @@
+Description: Fix build failure with -Werror=format-security
+Author: Alessio Treglia <alessio at debian.org>
+Forwarded: no
+---
+ das_watchdog.c |    8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- das-watchdog.orig/das_watchdog.c
++++ das-watchdog/das_watchdog.c
+@@ -51,14 +51,14 @@ typedef u_int64_t ui64;
+ typedef guint64 ui64;
+ #endif
+ 
+-#define OPTARGS_BEGIN(das_usage) {int lokke;const char *usage=das_usage;for(lokke=1;lokke<argc;lokke++){char *a=argv[lokke];if(!strcmp("--help",a)||!strcmp("-h",a)){printf(usage);return 0;
++#define OPTARGS_BEGIN(das_usage) {int lokke;const char *usage=das_usage;for(lokke=1;lokke<argc;lokke++){char *a=argv[lokke];if(!strcmp("--help",a)||!strcmp("-h",a)){printf("%s", usage);return 0;
+ #define OPTARG(name,name2) }}else if(!strcmp(name,a)||!strcmp(name2,a)){{
+ #define OPTARG_GETINT() atoi(argv[++lokke])
+ #define OPTARG_GETFLOAT() atof(argv[++lokke])
+ #define OPTARG_GETSTRING() argv[++lokke]
+ #define OPTARG_LAST() }}else if(lokke==argc-1){lokke--;{
+ #define OPTARGS_ELSE() }else if(1){
+-#define OPTARGS_END }else{fprintf(stderr,usage);return(-1);}}}
++#define OPTARGS_END }else{fprintf(stderr,"%s",usage);return(-1);}}}
+ 
+ 
+ static int increasetime=1; // Seconds between each time the SCHED_OTHER thread is increasing the counter.
+@@ -93,7 +93,7 @@ static void print_error(FILE *where,char
+   va_start(ap, fmt);{
+     vsnprintf (temp, 9998, fmt, ap);
+   }va_end(ap);
+-  syslog(LOG_INFO,temp);
++  syslog(LOG_INFO,"%s",temp);
+   fprintf(where,"Das_Watchdog: %s\n",temp);
+ }
+ 
+@@ -572,7 +572,7 @@ int main(int argc,char **argv){
+ 	{
+ 	  char message[5000];
+ 	  sprintf(message,"realtime operations paused for %d seconds.",waittime);
+-	  syslog(LOG_INFO,message);
++	  syslog(LOG_INFO,"%s",message);
+ 	}
+ 
+ 	if(fork()==0){
diff --git a/debian/patches/series b/debian/patches/series
index 2a28621..68fbae1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,3 @@
 01-rc.patch
+02-makefile.patch
+03-hardening.patch

-- 
das-watchdog packaging