]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: f63a363)
makedevs: fix security issues
authorEdwin Plauchu <edwin.plauchu.camacho@intel.com>
Tue, 17 May 2016 19:26:16 +0000 (14:26 -0500)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 19 May 2016 08:01:01 +0000 (09:01 +0100)
This avoids makedevs failure to compile with compiler flags
which elevate common string formatting issues into an error
(-Wformat -Wformat-security -Werror=format-security).

[YOCTO #9549]

Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/conf/distro/include/security_flags.inc patch | blob | history
meta/recipes-devtools/makedevs/makedevs/makedevs.c patch | blob | history

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index c1f596e921659cf9e73b12c0d1e08a23c1b78463..febedfa0928015ffdf7f6b323f8dca0bd07aa6e4 100644 (file)
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -103,7 +103,6 @@ SECURITY_STRINGFORMAT_pn-expect = ""
 SECURITY_STRINGFORMAT_pn-gcc = ""
 SECURITY_STRINGFORMAT_pn-gettext = ""
 SECURITY_STRINGFORMAT_pn-kexec-tools = ""
-SECURITY_STRINGFORMAT_pn-makedevs = ""
 SECURITY_STRINGFORMAT_pn-oh-puzzles = ""
 SECURITY_STRINGFORMAT_pn-unzip = ""
 
diff --git a/meta/recipes-devtools/makedevs/makedevs/makedevs.c b/meta/recipes-devtools/makedevs/makedevs/makedevs.c
index 771f33ef5adb8b798da98421d173037489ebcfc3..7471f3f5b3ecfecaf1bb54a15bb7c7c43c8f157b 100644 (file)
--- a/meta/recipes-devtools/makedevs/makedevs/makedevs.c
+++ b/meta/recipes-devtools/makedevs/makedevs/makedevs.c
@@ -510,7 +510,7 @@ int main(int argc, char **argv)
        umask (0);
 
        if (argc==1) {
-               fprintf(stderr, helptext);
+               fputs( helptext , stderr );
                exit(1);
        }
 
@@ -525,7 +525,7 @@ int main(int argc, char **argv)
                                error_msg_and_die("%s: not a proper device table file", optarg);
                        break;
                case 'h':
-                       printf(helptext);
+                       puts(helptext);
                        exit(0);
                case 'r':
                case 'd':                               /* for compatibility with mkfs.jffs, genext2fs, etc... */
@@ -553,13 +553,13 @@ int main(int argc, char **argv)
                        printf("%s: %s\n", app_name, VERSION);
                        exit(0);
                default:
-                       fprintf(stderr, helptext);
+                       fputs(helptext,stderr);
                        exit(1);
                }
        }
 
        if (argv[optind] != NULL) {
-               fprintf(stderr, helptext);
+               fputs(helptext,stderr);
                exit(1);
        }
 
Mirror of the official openembedded-core repository