Re: [Gtkpod-devel] gtkpod fails to build in debian, patch

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Wed, Oct 3, 2012 at 7:11 PM, phantomjinx <
p.g...@ph...> wrote:

> "Brent S. Elmer Ph.D." <we...@ai...> wrote:
>
>> gtkpod fails to build in debian testing.  It gives the following error:
>>
>> clarity_cover.c:244:9: error: format not a string literal and no format
>> arguments [-Werror=format-security]
>>
>> I fixed the problem like this:
>>
>> gtkpod-2.1.2/plugins/clarity/clarity_cover.c
>>
>>     // Set cover artwork
>>     gtk_clutter_texture_set_from_pixbuf
>> (GTK_CLUTTER_TEXTURE(priv->texture), item->albumart, &error);
>>     if (error) {
>> +       g_warning("%s", error->message);
>> -       g_warning(error->message);
>>         g_error_free(error);
>>         return;
>>     }
>>
>> After the fix gtkpod compiled.
>>
>>
>>
>> ------------------------------
>>
>> Don't let slow site performance ruin your business. Deploy New Relic APM
>> Deploy New Relic app performance management and know exactly
>> what is happening inside your Ruby, Python, PHP, Java, and .NET app
>> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
>> http://p.sf.net/sfu/newrelic-dev2dev
>> ------------------------------
>>
>> Gtkpod-devel mailing list
>> Gtk...@li...
>> https://lists.sourceforge.net/lists/listinfo/gtkpod-devel
>>
>>
> Thanks. Little perplexed why that would be a compile error ...
>

Because if a user manages to sneak a %-printf code in the error message he
might get a crash at best, or the system could be compromised at worst. In
any case the result is not defined.