main/libidn: fix build with werror=format-security

2026-05-05 20:36:40 +02:00 · 2023-04-19 19:58:35 +00:00 · 2023-04-19 19:58:35 +00:00 · 8cd416a18a
commit 8cd416a18a
parent 05069f7a9f
2 changed files with 134 additions and 2 deletions
--- a/main/libidn/APKBUILD
+++ b/main/libidn/APKBUILD
@ -2,14 +2,16 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libidn
 pkgver=1.41
-pkgrel=2
+pkgrel=3
 pkgdesc="Encode/Decode library for internationalized domain names"
 url="https://www.gnu.org/software/libidn"
 arch="all"
 license="LGPL-2.1-or-later"
 checkdepends="diffutils"
 subpackages="$pkgname-dev $pkgname-doc"
-source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz"
+source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz
+	format-security.patch
+	"

 # secfixes:
 #   1.33-r0:
@ -43,4 +45,5 @@ package() {

 sha512sums="
 765c42b64f10f0d84c0abecdce443baa9fdb80576179e3143bf56abde3f6c6149cc2c77e286e2e2a6ccf508914f30c2d5af258073168c0f886686e4fd85bbb47  libidn-1.41.tar.gz
+bc4fc4348ff87615d40cc535b35de6edfe4379720313df1de8d0041609307dec51b1d283da29b562f7d5ab8fd1934ad094ea5df8044341ad206009739e7751c9  format-security.patch
 "
--- a/main/libidn/format-security.patch
+++ b/main/libidn/format-security.patch
@ -0,0 +1,129 @@
+diff --git a/src/idn.c b/src/idn.c
+index 9e1e766..ea89ecb 100644
+--- a/src/idn.c
+++ b/src/idn.c
+@@ -170,7 +170,7 @@ main (int argc, char *argv[])
+       (args_info.nfkc_given ? 1 : 0) != 1)
+     {
+       error (0, 0,
+-	     _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+	     "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified"));
+       usage (EXIT_FAILURE);
+     }
+ 
+@@ -183,7 +183,7 @@ main (int argc, char *argv[])
+ 
+   if (!args_info.quiet_given
+       && args_info.inputs_num == 0 && isatty (fileno (stdin)))
+-    fprintf (stderr, _("Type each input string on a line by itself, "
+    fprintf (stderr, "%s", _("Type each input string on a line by itself, "
+ 		       "terminated by a newline character.\n"));
+ 
+   do
+@@ -195,7 +195,7 @@ main (int argc, char *argv[])
+ 	  if (feof (stdin))
+ 	    break;
+ 
+-	  error (EXIT_FAILURE, errno, _("input error"));
+	  error (EXIT_FAILURE, errno, "%s", _("input error"));
+ 	}
+ 
+       if (strlen (line) > 0)
+@@ -213,7 +213,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (p);
+-	      error (EXIT_FAILURE, 0,
+	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UTF-8 to UCS-4"));
+ 	    }
+ 
+@@ -238,7 +238,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (r);
+-	      error (EXIT_FAILURE, 0,
+	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UTF-8 to UCS-4"));
+ 	    }
+ 
+@@ -275,7 +275,7 @@ main (int argc, char *argv[])
+ 	  q = stringprep_utf8_to_ucs4 (p, -1, &len);
+ 	  free (p);
+ 	  if (!q)
+-	    error (EXIT_FAILURE, 0,
+	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UTF-8 to UCS-4"));
+ 
+ 	  if (args_info.debug_given)
+@@ -334,7 +334,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ 	  free (q);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0,
+	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UCS-4 to UTF-8"));
+ 
+ 	  p = stringprep_utf8_to_locale (r);
+@@ -358,14 +358,14 @@ main (int argc, char *argv[])
+ 	  q = stringprep_utf8_to_ucs4 (p, -1, NULL);
+ 	  free (p);
+ 	  if (!q)
+-	    error (EXIT_FAILURE, 0,
+	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UCS-4 to UTF-8"));
+ 
+ 	  if (args_info.debug_given)
+ 	    {
+ 	      size_t i;
+ 	      for (i = 0; q[i]; i++)
+-		fprintf (stderr, "input[%lu] = U+%04x\n",
+		fprintf (stderr, "%s", "input[%lu] = U+%04x\n",
+ 			 (unsigned long) i, q[i]);
+ 	    }
+ 
+@@ -436,7 +436,7 @@ main (int argc, char *argv[])
+ 	  if (!q)
+ 	    {
+ 	      free (p);
+-	      error (EXIT_FAILURE, 0,
+	      error (EXIT_FAILURE, 0, "%s",
+ 		     _("could not convert from UCS-4 to UTF-8"));
+ 	    }
+ 
+@@ -492,7 +492,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
+ 	  free (q);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0,
+	    error (EXIT_FAILURE, 0, "%s",
+ 		   _("could not convert from UTF-8 to UCS-4"));
+ 
+ 	  p = stringprep_utf8_to_locale (r);
+@@ -521,7 +521,7 @@ main (int argc, char *argv[])
+ 	      if (!q)
+ 		{
+ 		  free (p);
+-		  error (EXIT_FAILURE, 0,
+		  error (EXIT_FAILURE, 0, "%s",
+ 			 _("could not convert from UTF-8 to UCS-4"));
+ 		}
+ 
+@@ -535,7 +535,7 @@ main (int argc, char *argv[])
+ 	  r = stringprep_utf8_nfkc_normalize (p, -1);
+ 	  free (p);
+ 	  if (!r)
+-	    error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
+	    error (EXIT_FAILURE, 0, "%s", _("could not do NFKC normalization"));
+ 
+ 	  if (args_info.debug_given)
+ 	    {
+@@ -545,7 +545,7 @@ main (int argc, char *argv[])
+ 	      if (!q)
+ 		{
+ 		  free (r);
+-		  error (EXIT_FAILURE, 0,
+		  error (EXIT_FAILURE, 0, "%s",
+ 			 _("could not convert from UTF-8 to UCS-4"));
+ 		}
+