From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1043348-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 4F922138334
	for <garchives@archives.gentoo.org>; Tue, 21 Aug 2018 14:58:00 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 8B4E5E086D;
	Tue, 21 Aug 2018 14:57:59 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 48981E086D
	for <gentoo-commits@lists.gentoo.org>; Tue, 21 Aug 2018 14:57:58 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 7F406335D4C
	for <gentoo-commits@lists.gentoo.org>; Tue, 21 Aug 2018 14:57:55 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id AD58A3B3
	for <gentoo-commits@lists.gentoo.org>; Tue, 21 Aug 2018 14:57:53 +0000 (UTC)
From: "Andreas Sturmlechner" <asturm@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Andreas Sturmlechner" <asturm@gentoo.org>
Message-ID: <1534863440.56bbd26eb8317298c6dd431d3ac9f6e1cff458ce.asturm@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: media-libs/allegro/files/, media-libs/allegro/
X-VCS-Repository: repo/gentoo
X-VCS-Files: media-libs/allegro/allegro-4.4.2-r1.ebuild media-libs/allegro/files/allegro-4.4.2-Werror-format-security.patch
X-VCS-Directories: media-libs/allegro/ media-libs/allegro/files/
X-VCS-Committer: asturm
X-VCS-Committer-Name: Andreas Sturmlechner
X-VCS-Revision: 56bbd26eb8317298c6dd431d3ac9f6e1cff458ce
X-VCS-Branch: master
Date: Tue, 21 Aug 2018 14:57:53 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 86789895-a3a2-43a4-8986-fa53f5bc9280
X-Archives-Hash: 0b11f59277e0809ad8246bea50538cd8

commit:     56bbd26eb8317298c6dd431d3ac9f6e1cff458ce
Author:     Azamat H. Hackimov <azamat.hackimov <AT> gmail <DOT> com>
AuthorDate: Thu May 24 22:41:10 2018 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Tue Aug 21 14:57:20 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56bbd26e

media-libs/allegro: fix format-security error

Combined patch taken from Fedora Project
(https://src.fedoraproject.org/rpms/allegro/tree/master)
Fixes #540470

Closes: https://bugs.gentoo.org/540470
Package-Manager: Portage-2.3.24, Repoman-2.3.6

 media-libs/allegro/allegro-4.4.2-r1.ebuild         |   1 +
 .../allegro-4.4.2-Werror-format-security.patch     | 107 +++++++++++++++++++++
 2 files changed, 108 insertions(+)

diff --git a/media-libs/allegro/allegro-4.4.2-r1.ebuild b/media-libs/allegro/allegro-4.4.2-r1.ebuild
index fff77ed7e25..06ed3de8d26 100644
--- a/media-libs/allegro/allegro-4.4.2-r1.ebuild
+++ b/media-libs/allegro/allegro-4.4.2-r1.ebuild
@@ -44,6 +44,7 @@ PATCHES=(
 	"${FILESDIR}"/${P}-underlink.patch
 	"${FILESDIR}"/${P}-gentoo.patch
 	"${FILESDIR}"/${P}-rpath.patch
+	"${FILESDIR}"/${P}-Werror-format-security.patch # bug 540470
 )
 
 src_prepare() {

diff --git a/media-libs/allegro/files/allegro-4.4.2-Werror-format-security.patch b/media-libs/allegro/files/allegro-4.4.2-Werror-format-security.patch
new file mode 100644
index 00000000000..b3b0bc30b34
--- /dev/null
+++ b/media-libs/allegro/files/allegro-4.4.2-Werror-format-security.patch
@@ -0,0 +1,107 @@
+diff -up allegro-4.4.2/src/unix/umodules.c~ allegro-4.4.2/src/unix/umodules.c
+--- allegro-4.4.2/src/unix/umodules.c~	2011-05-13 10:11:33.000000000 +0200
++++ allegro-4.4.2/src/unix/umodules.c	2017-03-15 14:42:39.822612368 +0100
+@@ -126,11 +126,11 @@ void _unix_load_modules(int system_drive
+ 	 continue;
+ 
+       if (!fullpath_slash) {
+-         snprintf(fullpath, sizeof fullpath, filename);
++         snprintf(fullpath, sizeof fullpath, "%s", filename);
+ 	 fullpath[(sizeof fullpath) - 1] = 0;
+       }
+       else {
+-	 snprintf(fullpath_slash+1, (sizeof fullpath) - (fullpath_slash - fullpath) - 1, filename);
++	 snprintf(fullpath_slash+1, (sizeof fullpath) - (fullpath_slash - fullpath) - 1, "%s", filename);
+ 	 fullpath[(sizeof fullpath) - 1] = 0;
+       }
+       
+diff -up allegro-4.4.2/src/linux/ljoy.c~ allegro-4.4.2/src/linux/ljoy.c
+--- allegro-4.4.2/src/linux/ljoy.c~	2010-02-20 06:18:16.000000000 +0100
++++ allegro-4.4.2/src/linux/ljoy.c	2017-03-15 14:52:28.474215615 +0100
+@@ -93,7 +93,7 @@ static int joy_init(void)
+ 
+       if (ioctl(joy_fd[i], JSIOCGVERSION, &raw_version) < 0) {
+          /* NOTE: IOCTL fails if the joystick API is version 0.x */
+-         uszprintf(allegro_error, ALLEGRO_ERROR_SIZE, get_config_text("Your Linux joystick API is version 0.x which is unsupported."));
++         uszprintf(allegro_error, ALLEGRO_ERROR_SIZE, "%s", get_config_text("Your Linux joystick API is version 0.x which is unsupported."));
+          return -1; 
+       }
+       
+diff -up allegro-4.4.2/examples/extrans2.c~ allegro-4.4.2/examples/extrans2.c
+--- allegro-4.4.2/examples/extrans2.c~	2008-01-30 11:56:50.000000000 +0100
++++ allegro-4.4.2/examples/extrans2.c	2017-03-15 15:43:03.494831521 +0100
+@@ -211,7 +211,7 @@ int main(int argc, char **argv)
+       } else {
+          msg = "no flipping";
+       }
+-      textprintf_ex(buffer, font, 1, 1, makecol(255, 255, 255), -1, msg);
++      textprintf_ex(buffer, font, 1, 1, makecol(255, 255, 255), -1, "%s", msg);
+ 
+       /* finally blit the back buffer on the screen */
+       blit(buffer, screen, 0, 0, 0, 0, buffer->w, buffer->h);
+diff -up allegro-4.4.2/setup/setup.c~ allegro-4.4.2/setup/setup.c
+--- allegro-4.4.2/setup/setup.c~	2010-05-23 18:05:33.000000000 +0200
++++ allegro-4.4.2/setup/setup.c	2017-03-15 16:13:42.243136380 +0100
+@@ -1163,7 +1163,7 @@ static void plot_joystick_state(BITMAP *
+ 	 textprintf_ex(bmp, font, SCREEN_W/2-96, SCREEN_H/2-60+c*20, -1, -1, uconvert_ascii("%s (%d/%d)", tmp),
+                     joystick_driver->name, i+1, num_joysticks);
+       else
+-	 textprintf_ex(bmp, font, SCREEN_W/2-96, SCREEN_H/2-60+c*20, -1, -1, joystick_driver->name);
++	 textprintf_ex(bmp, font, SCREEN_W/2-96, SCREEN_H/2-60+c*20, -1, -1, "%s", joystick_driver->name);
+       c++;
+    }
+ 
+@@ -2879,7 +2879,7 @@ int main(void)
+       alert(uconvert_ascii("Error loading " SETUP_DATA_FILE, tmp1), NULL, NULL, uconvert_ascii("OK", tmp2), NULL, 13, 0);
+     #else
+       set_gfx_mode(GFX_TEXT, 0, 0, 0, 0);
+-      allegro_message(uconvert_ascii("Error loading " SETUP_DATA_FILE "\n", tmp1));
++      allegro_message("%s", uconvert_ascii("Error loading " SETUP_DATA_FILE "\n", tmp1));
+     #endif
+       return 1;
+    }
+diff -up allegro-4.4.2/examples/exkeys.c~ allegro-4.4.2/examples/exkeys.c
+--- allegro-4.4.2/examples/exkeys.c~	2008-01-10 20:46:00.000000000 +0100
++++ allegro-4.4.2/examples/exkeys.c	2017-03-15 16:17:30.268545467 +0100
+@@ -193,7 +193,7 @@ int main(void)
+       if (key_shifts & KB_NUMLOCK_FLAG)  strcat(buf, " num");
+       if (key_shifts & KB_SCROLOCK_FLAG) strcat(buf, " scrl");
+       scroll();
+-      textprintf_ex(screen, font, 8, SCREEN_H-16, makecol(0, 0, 0), makecol(255, 255, 255), buf);
++      textprintf_ex(screen, font, 8, SCREEN_H-16, makecol(0, 0, 0), makecol(255, 255, 255), "%s", buf);
+    } while (k != 27);
+ 
+    /* various scan codes are defined in allegro.h as KEY_* constants */
+@@ -234,7 +234,7 @@ int main(void)
+       if (key[KEY_8]) buf[8] = '8'; else buf[8] = ' ';
+       if (key[KEY_9]) buf[9] = '9'; else buf[9] = ' ';
+       buf[10] = 0;
+-      textprintf_ex(screen, font, 8, SCREEN_H-16, makecol(0, 0, 0), makecol(255, 255, 255), buf);
++      textprintf_ex(screen, font, 8, SCREEN_H-16, makecol(0, 0, 0), makecol(255, 255, 255), "%s", buf);
+       rest(1);
+    } while (!keypressed() || (readkey() >> 8) != KEY_ESC);
+ 
+diff -up allegro-4.4.2/tests/play.c~ allegro-4.4.2/tests/play.c
+--- allegro-4.4.2/tests/play.c~	2005-03-19 12:15:07.000000000 +0100
++++ allegro-4.4.2/tests/play.c	2017-03-15 16:35:18.628156496 +0100
+@@ -74,7 +74,7 @@ void usage(void)
+ 
+    strcat(msg, "\nIf you don't specify the card, Allegro will auto-detect (ie. guess :-)\n");
+ 
+-   allegro_message(msg);
++   allegro_message("%s", msg);
+    free(msg);
+ }
+
+diff -up allegro-4.2.3/tools/pack.c~ allegro-4.2.3/tools/pack.c
+--- allegro-4.2.3/tools/pack.c~	2006-05-20 16:49:58.000000000 +0200
++++ allegro-4.2.3/tools/pack.c	2010-12-30 11:20:42.425231307 +0100
+@@ -42,7 +42,7 @@ static void err(char *s1, char *s2)
+       printf(": %s", s1);
+
+    if (s2)
+-      printf(s2);
++      printf("%s", s2);
+
+    printf("\n");
+