Ubuntu
pktstat package

pktstat FTBFS: error: format not a string literal and no format arguments [-Werror=format-security]

Bug #1965174 reported by Nick Rosbrook
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
pktstat (Debian)
Fix Released
Unknown
pktstat (Ubuntu)
Fix Released
High
Nick Rosbrook

Bug Description

Imported from Debian bug http://bugs.debian.org/995624:

Source: pktstat
Version: 1.8.5-7
Severity: serious
Tags: ftbfs

pktstat fails to build from source in unstable on amd64. A non-parallel
build ends as follows:

| gcc -DHAVE_CONFIG_H -I. -DPATH_PKTSTATRC=\"/etc/pktstatrc\" -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -pedantic -D_BSD_SOURCE -c -o display.o display.c
| In file included from /usr/include/x86_64-linux-gnu/bits/libc-header-start.h:33,
| from /usr/include/stdio.h:27,
| from display.c:17:
| /usr/include/features.h:187:3: warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Wcpp]
| 187 | # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
| | ^~~~~~~
| display.c: In function ‘display_update’:
| display.c:499:33: warning: field width specifier ‘*’ expects argument of type ‘int’, but argument 2 has type ‘long unsigned int’ [-Wformat=]
| 499 | attron(A_UNDERLINE); printw("%-*s",
| | ~~^~
| | |
| | int
| display.c:552:13: warning: field precision specifier ‘.*’ expects argument of type ‘int’, but argument 2 has type ‘long unsigned int’ [-Wformat=]
| 552 | printw("%.*s\n", MIN(maxx - LLEN, sizeof flows[i].tag - 1),
| | ~~^~
| | |
| | int
| display.c:566:15: warning: field precision specifier ‘.*’ expects argument of type ‘int’, but argument 2 has type ‘long unsigned int’ [-Wformat=]
| 566 | printw(" %.*s\n", MIN(maxx - LLEN - 2,
| | ~~^~
| | |
| | int
| display.c:285:21: warning: variable ‘x’ set but not used [-Wunused-but-set-variable]
| 285 | int maxx, maxy, y, x;
| | ^
| display.c: In function ‘printhelp’:
| display.c:672:3: error: format not a string literal and no format arguments [-Werror=format-security]
| 672 | printw((char *)h->name + 1);
| | ^~~~~~
| cc1: some warnings being treated as errors
| make[2]: *** [Makefile:483: display.o] Error 1
| make[2]: Leaving directory '/<<PKGBUILDDIR>>'
| make[1]: *** [Makefile:339: all] Error 2
| make[1]: Leaving directory '/<<PKGBUILDDIR>>'
| dh_auto_build: error: make -j1 returned exit code 2
| make: *** [debian/rules:11: build] Error 25
| dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2

This is likely due to ncurses including format string annotations.

Helmut

Nick Rosbrook (enr0n)
tags: added: update-excuse
Bug Watch Updater (bug-watch-updater)
Changed in pktstat (Debian):
importance: Undecided → Unknown
status: New → Fix Committed
Revision history for this message
Nick Rosbrook (enr0n) wrote :
Revision history for this message
Nick Rosbrook (enr0n) wrote :

The linked Debian bug does provide a patch, but it has not been applied in Debian yet. I have attached that patch here.

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "pktstat-lp-1965174.debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Revision history for this message
Nick Rosbrook (enr0n) wrote :
Revision history for this message
Nick Rosbrook (enr0n) wrote :
Revision history for this message
Brian Murray (brian-murray) wrote :

 $ dput pktstat_1.8.5-7ubuntu1_source.changes
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /tmp/pkgs/jammy/pktstat_1.8.5-7ubuntu1_source.changes: Valid signature from 1E918B66765B3E31
Checking signature on .dsc
gpg: /tmp/pkgs/jammy/pktstat_1.8.5-7ubuntu1.dsc: Valid signature from 1E918B66765B3E31
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading pktstat_1.8.5-7ubuntu1.dsc: done.
  Uploading pktstat_1.8.5-7ubuntu1.debian.tar.xz: done.
  Uploading pktstat_1.8.5-7ubuntu1_source.buildinfo: done.
  Uploading pktstat_1.8.5-7ubuntu1_source.changes: done.
Successfully uploaded packages.

Changed in pktstat (Ubuntu):
assignee: nobody → Nick Rosbrook (enr0n)
status: New → Fix Committed
importance: Undecided → High
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pktstat - 1.8.5-7ubuntu1

---------------
pktstat (1.8.5-7ubuntu1) jammy; urgency=medium

  * debian/patches/0001-Fix-format-string-error-with-recent-ncurses.patch:
    Add patch to fix -Werror=format-security build error (LP: #1965174).

 -- Nick Rosbrook <email address hidden> Thu, 17 Mar 2022 13:23:20 -0400

Changed in pktstat (Ubuntu):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in pktstat (Debian):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.