Debian Package rebuild

Rebuild of the Debian archive with clang

"Security: Format string is not a string literal" build failure(s)
clang 3.1
Return to the list
The following code builds without any issue with gcc and fails with clang: 
#include <stdio.h>

void foo(void) {
    char buffer[1024];
    sprintf(buffer, "%n", 2);
}
gcc -Werror -c foo.c
clang -Werror -c foo.c
Versions: 2.9 - 3.0 - 3.1 - 3.2 - 3.3 - 3.4 - 3.4.2 - 3.5.0 - 3.6.0 - 3.8.1 - 3.9.1 - 4.0.1 - 5.0 - 6.0 - 8.0.1 - 9.0.1 - 10.0.0 - 11.0.0 - 12.0.1 - 13.0.0
PackageVersionSupposed error messageFull log Bug report
cccd 0.3beta4-7cddbp.c:100:19: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
cronutils 1.2-1runstat.c:87:31: error: format string is not a string literal [-Werror,-Wformat-nonliteral] Log
exim4 4.80-4acl.c:2735:31: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
gccxml 0.9.0+cvs20120420-3genmodes.c:829:28: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
ghostscript 9.05~dfsg-6./base/gsdevice.c:1010:25: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
glib2.0 2.32.3-1test-printf.c:570:36: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
globus-xio 3.3-1globus_xio_http_client.c:313:40: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
gnome-pie 0.5.3-1triggerSelectWindow.c:545:138: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
icu 4.8.1.1-8rbbitst.cpp:1866:44: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
libsoup2.4 2.38.1-2coding-test.c:69:28: error: format string is not a string literal [-Werror,-Wformat-nonliteral] Log
libssh2 1.4.2-1subsystem_netconf.c:234:17: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
ncap 1.9.2-1asprintf.c:35:30: error: format string is not a string literal [-Werror,-Wformat-nonliteral] Log
obexftp 0.23-1ruby_wrap.c:1991:48: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
rcs 5.8.1-1b-excwho.c:126:15: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
rrdtool 1.4.7-1main.c:102:5: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
ruby-ldap 0.9.12-1["/usr/bin/ruby1.9.1 extconf.rb", "--with-openldap2\nchecking for ldap.h... yes\nchecking for lber.h... yes\nchecking for ldap_ssl.h... no\nchecking for openssl/ssl.h... no\nchecking for ssl.h... no\nchecking for openssl/crypto.h... no\nchecking for crypto.h... no\nchecking for main() in -lcrypto... no\nchecking for main() in -lssl... no\nchecking for main() in -lnsl... yes\nchecking for main() in -lpthread... yes\nchecking for main() in -lresolv... yes\nchecking for main() in -llber... yes\nchecking for main() in -lldap_r... yes\nchecking for main() in -lldap... yes\nchecking for ldap_init() in ldap.h... yes\nchecking for ldap_set_option()... yes\nchecking for ldap_get_option()... yes\nchecking for ldap_start_tls_s()... yes\nchecking for ldap_memfree()... yes\nchecking for ldap_perror()... yes\nchecking for ldap_sort_entries()... yes\nchecking for ldapssl_init()... no\nchecking for ldap_sslinit()... no\nchecking for ldap_sasl_bind_s()... yes\nchecking for ldap_compare_s()... yes\nchecking for ldap_add_ext_s()... yes\nchecking for ldap_compare_ext_s()... yes\nchecking for ldap_delete_ext_s()... yes\nchecking for ldap_modify_ext_s()... yes\nchecking for ldap_search_ext_s()... yes\nchecking for ldap_unbind_ext_s()... yes\nchecking for ldap_sasl_interactive_bind_s()... yes\ncreating Makefile\n", "make", "make[1]: Entering directory `/«PKGBUILDDIR»'\ncompiling sslconn.c\nclang: warning: argument unused during compilation: '--param ssp-buffer-size=4'\nsslconn.c:103:7: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]\n Check_LDAP_Result (ldapdata->err);\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n./rbldap.h:144:36: note: expanded from macro 'Check_LDAP_Result'\n rb_raise(rb_eLDAP_ResultError, ldap_err2string(err)); \\\n ^~~~~~~~~~~~~~~~~~~~\nsslconn.c:109:7: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]\n Check_LDAP_Result (ldapdata->err);\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n./rbldap.h:144:36: note: expanded from macro 'Check_LDAP_Result'\n rb_raise(rb_eLDAP_ResultError, ldap_err2string(err)); \\\n ^~~~~~~~~~~~~~~~~~~~\nsslconn.c:115:7: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]\n Check_LDAP_Result (ldapdata->err);\n ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n./rbldap.h:144:36: note: expanded from macro 'Check_LDAP_Result'\n rb_raise(rb_eLDAP_ResultError, ldap_err2string(err)); \\\n ^~~~~~~~~~~~~~~~~~~~\n3 errors generated.\nmake[1]: *** [sslconn.o] Error 1\nmake[1]: Leaving directory `/«PKGBUILDDIR»'\n"] Log
ruby-mecab 0.99.3-1MeCab_wrap.cpp:2252:46: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
ruby-xmlparser 0.7.2-1["/usr/bin/ruby1.9.1 extconf.rb", "checking for expat.h... yes\nchecking for XML_ParserCreate() in -lexpat... yes\nchecking for XML_SetNotStandaloneHandler()... yes\nchecking for XML_SetParamEntityParsing()... yes\nchecking for XML_SetDoctypeDeclHandler()... yes\nchecking for XML_ParserReset()... yes\nchecking for XML_SetSkippedEntityHandler()... yes\nchecking for XML_GetFeatureList()... yes\nchecking for XML_UseForeignDTD()... yes\nchecking for XML_GetIdAttributeIndex()... yes\nchecking for ntohl() in -lsocket... no\ncreating Makefile\n", "make", "make[1]: Entering directory `/«PKGBUILDDIR»/ext'\ncompiling xmlparser.c\nclang: warning: argument unused during compilation: '--param ssp-buffer-size=4'\nxmlparser.c:1783:28: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]\n rb_raise(eXMLParserError, (char*)errStr);\n ^ ~~~~~~\nxmlparser.c:1832:31: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]\n rb_raise(eXMLParserError, (char*)errStr);\n ^ ~~~~~~\n2 errors generated.\nmake[1]: *** [xmlparser.o] Error 1\nmake[1]: Leaving directory `/«PKGBUILDDIR»/ext'\n"] Log
thoggen 0.7.1-1th-app-window.c:1140:44: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] Log
xmahjongg 3.7-3permstr.cc:312:28: error: use of '%n' in format string discouraged (potentially insecure) [-Werror,-Wformat-security] Log
20 errors
Return to the list