[05/15] libidn: Fix hardened build with musl

Re-introduce the patch that was deemed to be not needed
but it infact is still needed with musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 .../libidn/0001-idn-format-security-warnings.patch | 181 +++++++++++++++++++++
 meta/recipes-extended/libidn/libidn_1.33.bb        |   1 +
 2 files changed, 182 insertions(+)
 create mode 100644 meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch

Armin

Please backport this patch to pyro as well.

On Sun, May 21, 2017 at 10:00 PM, Khem Raj <raj.khem@gmail.com> wrote:
> Re-introduce the patch that was deemed to be not needed
> but it infact is still needed with musl
>
> Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ---
>  .../libidn/0001-idn-format-security-warnings.patch | 181 +++++++++++++++++++++
>  meta/recipes-extended/libidn/libidn_1.33.bb        |   1 +
>  2 files changed, 182 insertions(+)
>  create mode 100644 meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
>
> diff --git a/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
> new file mode 100644
> index 0000000000..5adc7d9fd9
> --- /dev/null
> +++ b/meta/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch
> @@ -0,0 +1,181 @@
> +From 82f98dcbc429bbe89a9837c533cbcbc02e77c790 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik@tycoint.com>
> +Date: Tue, 28 Jun 2016 12:43:31 +0100
> +Subject: [PATCH] idn: fix printf() format security warnings
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +| ../../libidn-1.32/src/idn.c: In function 'main':
> +| ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security]
> +|        error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
> +|        ^~~~~
> +| ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments [-Werror=format-security]
> +|      fprintf (stderr, _("Type each input string on a line by itself, "
> +|      ^~~~~~~
> +| ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments [-Werror=format-security]
> +|     error (EXIT_FAILURE, errno, _("input error"));
> +|     ^~~~~
> +| ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments [-Werror=format-security]
> +|         _("could not convert from UTF-8 to UCS-4"));
> +|         ^
> +| ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments [-Werror=format-security]
> +|         _("could not convert from UTF-8 to UCS-4"));
> +|         ^
> +| ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments [-Werror=format-security]
> +|       _("could not convert from UTF-8 to UCS-4"));
> +|       ^
> +| ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments [-Werror=format-security]
> +|       _("could not convert from UCS-4 to UTF-8"));
> +|       ^
> +| ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments [-Werror=format-security]
> +|       _("could not convert from UCS-4 to UTF-8"));
> +|       ^
> +| ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments [-Werror=format-security]
> +|         _("could not convert from UCS-4 to UTF-8"));
> +|         ^
> +| ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments [-Werror=format-security]
> +|       _("could not convert from UTF-8 to UCS-4"));
> +|       ^
> +| ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments [-Werror=format-security]
> +|      _("could not convert from UTF-8 to UCS-4"));
> +|      ^
> +| ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments [-Werror=format-security]
> +|       error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
> +|       ^~~~~
> +| ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments [-Werror=format-security]
> +|      _("could not convert from UTF-8 to UCS-4"));
> +|      ^
> +
> +Signed-off-by: André Draszik <adraszik@tycoint.com>
> +---
> +Upstream-Status: Pending
> +
> + src/idn.c | 27 ++++++++++++++-------------
> + 1 file changed, 14 insertions(+), 13 deletions(-)
> +
> +diff --git a/src/idn.c b/src/idn.c
> +index be1c7d1..68e4291 100644
> +--- a/src/idn.c
> ++++ b/src/idn.c
> +@@ -170,7 +170,7 @@ main (int argc, char *argv[])
> +       (args_info.idna_to_unicode_given ? 1 : 0) +
> +       (args_info.nfkc_given ? 1 : 0) != 1)
> +     {
> +-      error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));
> ++      error (0, 0, "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified"));
> +       usage (EXIT_FAILURE);
> +     }
> +
> +@@ -185,7 +185,7 @@ main (int argc, char *argv[])
> +   if (!args_info.quiet_given
> +       && args_info.inputs_num == 0
> +       && isatty (fileno (stdin)))
> +-    fprintf (stderr, _("Type each input string on a line by itself, "
> ++    fprintf (stderr, "%s", _("Type each input string on a line by itself, "
> +                      "terminated by a newline character.\n"));
> +
> +   do
> +@@ -197,7 +197,7 @@ main (int argc, char *argv[])
> +         if (feof (stdin))
> +           break;
> +
> +-        error (EXIT_FAILURE, errno, _("input error"));
> ++        error (EXIT_FAILURE, errno, "%s", _("input error"));
> +       }
> +
> +       if (strlen (line) > 0)
> +@@ -215,7 +215,7 @@ main (int argc, char *argv[])
> +         if (!q)
> +           {
> +             free (p);
> +-            error (EXIT_FAILURE, 0,
> ++            error (EXIT_FAILURE, 0, "%s",
> +                    _("could not convert from UTF-8 to UCS-4"));
> +           }
> +
> +@@ -240,7 +240,7 @@ main (int argc, char *argv[])
> +         if (!q)
> +           {
> +             free (r);
> +-            error (EXIT_FAILURE, 0,
> ++            error (EXIT_FAILURE, 0, "%s",
> +                    _("could not convert from UTF-8 to UCS-4"));
> +           }
> +
> +@@ -277,7 +277,7 @@ main (int argc, char *argv[])
> +         q = stringprep_utf8_to_ucs4 (p, -1, &len);
> +         free (p);
> +         if (!q)
> +-          error (EXIT_FAILURE, 0,
> ++          error (EXIT_FAILURE, 0, "%s",
> +                  _("could not convert from UTF-8 to UCS-4"));
> +
> +         if (args_info.debug_given)
> +@@ -336,7 +336,7 @@ main (int argc, char *argv[])
> +         r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
> +         free (q);
> +         if (!r)
> +-          error (EXIT_FAILURE, 0,
> ++          error (EXIT_FAILURE, 0, "%s",
> +                  _("could not convert from UCS-4 to UTF-8"));
> +
> +         p = stringprep_utf8_to_locale (r);
> +@@ -360,7 +360,7 @@ main (int argc, char *argv[])
> +         q = stringprep_utf8_to_ucs4 (p, -1, NULL);
> +         free (p);
> +         if (!q)
> +-          error (EXIT_FAILURE, 0,
> ++          error (EXIT_FAILURE, 0, "%s",
> +                  _("could not convert from UCS-4 to UTF-8"));
> +
> +         if (args_info.debug_given)
> +@@ -438,7 +438,7 @@ main (int argc, char *argv[])
> +         if (!q)
> +           {
> +             free (p);
> +-            error (EXIT_FAILURE, 0,
> ++            error (EXIT_FAILURE, 0, "%s",
> +                    _("could not convert from UCS-4 to UTF-8"));
> +           }
> +
> +@@ -494,7 +494,7 @@ main (int argc, char *argv[])
> +         r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL);
> +         free (q);
> +         if (!r)
> +-          error (EXIT_FAILURE, 0,
> ++          error (EXIT_FAILURE, 0, "%s",
> +                  _("could not convert from UTF-8 to UCS-4"));
> +
> +         p = stringprep_utf8_to_locale (r);
> +@@ -523,7 +523,7 @@ main (int argc, char *argv[])
> +             if (!q)
> +               {
> +                 free (p);
> +-                error (EXIT_FAILURE, 0,
> ++                error (EXIT_FAILURE, 0, "%s",
> +                        _("could not convert from UTF-8 to UCS-4"));
> +               }
> +
> +@@ -537,7 +537,8 @@ main (int argc, char *argv[])
> +         r = stringprep_utf8_nfkc_normalize (p, -1);
> +         free (p);
> +         if (!r)
> +-          error (EXIT_FAILURE, 0, _("could not do NFKC normalization"));
> ++          error (EXIT_FAILURE, 0, "%s",
> ++                 _("could not do NFKC normalization"));
> +
> +         if (args_info.debug_given)
> +           {
> +@@ -547,7 +548,7 @@ main (int argc, char *argv[])
> +             if (!q)
> +               {
> +                 free (r);
> +-                error (EXIT_FAILURE, 0,
> ++                error (EXIT_FAILURE, 0, "%s",
> +                        _("could not convert from UTF-8 to UCS-4"));
> +               }
> +
> +--
> +2.8.1
> +
> diff --git a/meta/recipes-extended/libidn/libidn_1.33.bb b/meta/recipes-extended/libidn/libidn_1.33.bb
> index 109cc7f3f5..9e8bdbae18 100644
> --- a/meta/recipes-extended/libidn/libidn_1.33.bb
> +++ b/meta/recipes-extended/libidn/libidn_1.33.bb
> @@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/libidn/${BPN}-${PV}.tar.gz \
>             file://dont-depend-on-help2man.patch \
>             file://0001-idn-fix-printf-format-security-warnings.patch \
>             file://gcc7-compatibility.patch \
> +           file://0001-idn-format-security-warnings.patch \
>  "
>
>  SRC_URI[md5sum] = "a9aa7e003665de9c82bd3f9fc6ccf308"
> --
> 2.13.0
>