gettext-full: activate format-security checks

This patch was taken from upstream libcroco

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47585

diff --git a/package/libs/gettext-full/Makefile b/package/libs/gettext-full/Makefile
index e07a158c28a19a2d1b0eaa595afff319afebc5af..3e5e40459fa68d967af5c50d396bd0f114c5bd5d 100644 (file)
--- a/package/libs/gettext-full/Makefile
+++ b/package/libs/gettext-full/Makefile
@@ -24,7 +24,6 @@ PKG_FIXUP:=autoreconf
 PKG_INSTALL:=1
 PKG_BUILD_PARALLEL:=0
 PKG_BUILD_DEPENDS:=gettext-full/host
-PKG_CHECK_FORMAT_SECURITY:=0
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/host-build.mk

diff --git a/package/libs/gettext-full/patches/130-format-secuirty.patch b/package/libs/gettext-full/patches/130-format-secuirty.patch
new file mode 100644 (file)
index 0000000..89cb3fb
--- /dev/null
+++ b/package/libs/gettext-full/patches/130-format-secuirty.patch
@@ -0,0 +1,59 @@
+From c7197cad42d6269739f379025c2bec9e474c8027 Mon Sep 17 00:00:00 2001
+From: Tobias Mueller <tobiasmue@gnome.org>
+Date: Sat, 29 Jan 2011 16:31:30 +0100
+Subject: Fixed format string issues by giving static literals, fixes bug
+ 640897
+
+---
+ src/cr-statement.c | 10 +++++-----
+ tests/test2-main.c |  8 +++-----
+ tests/test3-main.c |  8 +++-----
+ 3 files changed, 11 insertions(+), 15 deletions(-)
+
+--- a/gettext-tools/gnulib-lib/libcroco/cr-statement.c
++++ b/gettext-tools/gnulib-lib/libcroco/cr-statement.c
+@@ -2607,7 +2607,7 @@ cr_statement_dump_ruleset (CRStatement *
+         g_return_if_fail (a_fp && a_this);
+         str = cr_statement_ruleset_to_string (a_this, a_indent);
+         if (str) {
+-                fprintf (a_fp, str);
++                fprintf (a_fp, "%s", str);
+                 g_free (str);
+                 str = NULL;
+         }
+@@ -2658,7 +2658,7 @@ cr_statement_dump_charset (CRStatement *
+         str = cr_statement_charset_to_string (a_this,
+                                               a_indent) ;
+         if (str) {
+-                fprintf (a_fp, str) ;
++                fprintf (a_fp, "%s", str) ;
+                 g_free (str) ;
+                 str = NULL ;
+         }
+@@ -2685,7 +2685,7 @@ cr_statement_dump_page (CRStatement * a_
+ 
+         str = cr_statement_at_page_rule_to_string (a_this, a_indent) ;
+         if (str) {
+-                fprintf (a_fp, str);
++                fprintf (a_fp, "%s", str);
+                 g_free (str) ;
+                 str = NULL ; 
+         }
+@@ -2711,7 +2711,7 @@ cr_statement_dump_media_rule (CRStatemen
+ 
+         str = cr_statement_media_rule_to_string (a_this, a_indent) ;
+         if (str) {
+-                fprintf (a_fp, str) ;
++                fprintf (a_fp, "%s", str) ;
+                 g_free (str) ;
+                 str = NULL ;
+         }
+@@ -2737,7 +2737,7 @@ cr_statement_dump_import_rule (CRStateme
+ 
+         str = cr_statement_import_rule_to_string (a_this, a_indent) ;
+         if (str) {
+-                fprintf (a_fp, str) ;
++                fprintf (a_fp, "%s", str) ;
+                 g_free (str) ;
+                 str = NULL ;
+         }