diff --git a/mstflint-3.0-format-security.patch b/mstflint-3.0-format-security.patch new file mode 100644 index 0000000..dac9ee8 --- /dev/null +++ b/mstflint-3.0-format-security.patch @@ -0,0 +1,123 @@ +--- a/flint/flint.cpp ++++ b/flint/flint.cpp +@@ -117,7 +117,7 @@ void usage(bool full = false) + + + +- const char *descr = ++ const char descr[] = + #ifdef FOR_MAN + ".TH \"flint\" \"\" \"Mar 2013\" \"MFT 3.0.0\" \"Administration\"\n" + MAN_SH("NAME") +@@ -371,7 +371,7 @@ MAN_BR + + + +- const char* full_descr = ++ const char full_descr[] = + "\n" + MAN_SS("COMMAND DESCRIPTION") + "\n" +@@ -1747,7 +1747,7 @@ int main(int ac, char *av[]) + } else { + sprintf(curr_ver, "N/A"); + } +- printf(curr_ver); printf("\n"); ++ printf("%s\n", curr_ver); + + printf(" New FW version: "); + if (fileInfo.infoOffs[Operations::II_FwVersion]) { +@@ -1755,7 +1755,7 @@ int main(int ac, char *av[]) + } else { + sprintf(new_ver, "N/A"); + } +- printf(new_ver); printf("\n"); ++ printf("%s\n", new_ver); + + print_line_to_log("Current FW version on flash: %s, New FW version: %s\n", curr_ver, new_ver); + +--- a/flint/flint_ops.cpp ++++ b/flint/flint_ops.cpp +@@ -353,7 +353,7 @@ bool Operations::CntxFailSafeBurn(Flash& f, + if (pre_message == NULL) { + sprintf(message, "Burning FW image without signatures"); + } else { +- sprintf(message, pre_message); ++ sprintf(message, "%s", pre_message); + } + int str_len = strlen(message), restore_len = strlen(RESTORING_MSG); + str_len = (restore_len > str_len) ? restore_len : str_len; +@@ -1602,7 +1602,7 @@ bool Operations::BurnFs3Image(Flash& f, FImage& fim, bool need_report) + if (pre_message == NULL) { + sprintf(message, "Burning FW image without signatures"); + } else { +- sprintf(message, pre_message); ++ sprintf(message, "%s", pre_message); + } + int str_len = strlen(message), restore_len = strlen(RESTORING_MSG); + str_len = (restore_len > str_len) ? restore_len : str_len; +@@ -2051,7 +2051,7 @@ bool Operations::Verify(FBase& f, Operations::ImageInfo* info, bool both_images, + + bool Operations::GetExpRomVersionWrapper(ImageInfo* info) { + if (!GetExpRomVersion(info)) { +- snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, err()); ++ snprintf(info->expRomErrMsg, MAX_ROM_ERR_MSG_LEN, "%s", err()); + info->expRomErrMsgValid = true; + } + return true; +@@ -2288,7 +2288,7 @@ bool Operations::LoadAsExpRom (FBase& f, ImageInfo* info) { + info->_rom_sect.clear(); + info->_rom_sect.resize(f.get_size()); + if (!f.read(0, &info->_rom_sect[0], f.get_size())) +- return errmsg(f.err()); ++ return errmsg("%s", f.err()); + + TOCPUn(&info->_rom_sect[0], info->_rom_sect.size()/4); + +@@ -4034,7 +4034,7 @@ bool Operations::CheckDevImageAndRom(FBase& f, ImageInfo& flash_info) + { + // Common check for the ROM. + if (!CheckDevImage(f, flash_info, 1)) { +- return errmsg(err()); ++ return errmsg("%s", err()); + } + if (IsRomEmpty(&flash_info)) { + return errmsg("Read ROM failed: The FW does not contain a ROM section"); +@@ -4055,7 +4055,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image + // Compine the image and the rom into new daa + if(!UpdateRomInImage((u_int8_t*)(&new_data[0]), (u_int8_t*)(fim.getBuf()), + (u_int8_t*)(&flashInfo._rom_sect[0]), rom_size, &actual_image_size)) { +- return errmsg(err()); ++ return errmsg("%s", err()); + } + + // close old image and open new image with the rom. +@@ -4063,7 +4063,7 @@ bool Operations::IntegrateDevRomInImage(FImage& fim, ImageInfo& flashInfo, Image + fim.open((u_int32_t*)(&new_data[0]), actual_image_size); + + if (!VerifyFs2(fim, &fileInfo, false, false, true) || !QueryAll(fim, &fileInfo)) { +- return errmsg(err()); ++ return errmsg("%s", err()); + } + + return true; +--- a/small_utils/mtserver.c ++++ b/small_utils/mtserver.c +@@ -149,7 +149,7 @@ int port = DEF_PORT; /* Default port */ + #define FILE_SIZE (NUM_INTS * sizeof(int)) + + u_int32_t* cr_space; +-char sim_str[100] = "\t-i[d] - set the device id.\n"; ++const char sim_str[100] = "\t-i[d] - set the device id.\n"; + int id; + int fd; + mfile *mopen(const char *name) +@@ -297,7 +297,7 @@ int unmap_and_close_file(void) + } + #else + +-char sim_str[100] = ""; ++const char sim_str[100] = ""; + int check_id_arg(char* av[], int ac, int *i) + { + ac = 0; diff --git a/mstflint.spec b/mstflint.spec index 230be6a..7cdb784 100644 --- a/mstflint.spec +++ b/mstflint.spec @@ -1,12 +1,12 @@ Name: mstflint Summary: Mellanox firmware burning tool Version: 3.0 -Release: 0.7.g6961daa.1%{?dist} +Release: 0.8.g6961daa.1%{?dist} License: GPLv2+ or BSD Group: Applications/System Source: http://www.openfabrics.org/downloads/%{name}/%{name}-%{version}-0.6.g6961daa.tar.gz +Patch0: mstflint-3.0-format-security.patch Url: http://www.openfabrics.org -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libstdc++-devel, zlib-devel Obsoletes: openib-mstflint <= 1.4 openib-tvflash <= 0.9.2 tvflash <= 0.9.0 ExcludeArch: s390 s390x @@ -17,6 +17,7 @@ It also provides access to the relevant source code. %prep %setup -q +%patch0 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" @@ -24,21 +25,20 @@ export CFLAGS="$RPM_OPT_FLAGS" make %install -rm -rf %{buildroot} make DESTDIR=%{buildroot} install # Remove the devel files that we don't ship rm -fr %{buildroot}%{_includedir} rm -fr %{buildroot}%{_datadir} -%clean -rm -rf %{buildroot} - %files -%defattr(-, root, root) %doc README %_bindir/* %changelog +* Fri Jun 20 2014 Yaakov Selkowitz - 3.0-0.8.g6961daa.1 +- Fix FTBFS with -Werror=format-security (#1037207, #1106248) +- Cleanup spec + * Sat Jun 07 2014 Fedora Release Engineering - 3.0-0.7.g6961daa.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild