Masanori Ogino has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security. ......................................................................
crossgcc: Fix libcpp to address -Wformat-security.
On some systems where the system compiler enables `-Wformat-security -Werror=format-security` options are enabled by default, building libcpp fails because the code passes a variable directly as a format string.
This change addresses this problem by patching the affected code.
Tested with the default compiler of Nixpkgs unstable, GCC 9.3.0 with the options described above enabled by default.
Signed-off-by: Masanori Ogino mogino@acm.org Change-Id: Ibf3c9e79ce10cd400c9f7ea40dd6de1ab81b50e2 --- A util/crossgcc/patches/gcc-8.3.0_libcpp.patch 1 file changed, 56 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/11/45311/1
diff --git a/util/crossgcc/patches/gcc-8.3.0_libcpp.patch b/util/crossgcc/patches/gcc-8.3.0_libcpp.patch new file mode 100644 index 0000000..b2701511 --- /dev/null +++ b/util/crossgcc/patches/gcc-8.3.0_libcpp.patch @@ -0,0 +1,56 @@ +GCC with `-Wformat-security -Werror=format-security` hardening options enabled +by default rejects some codes in libcpp. This patch fixes them. + +--- gcc-8.3.0/libcpp/expr.c.orig 2020-09-11 15:44:45.770000000 +0900 ++++ gcc-8.3.0/libcpp/expr.c 2020-09-11 15:46:22.370000000 +0900 +@@ -794,10 +794,10 @@ + + if (CPP_OPTION (pfile, c99)) + cpp_warning_with_line (pfile, CPP_W_LONG_LONG, virtual_location, +- 0, message); ++ 0, "%s", message); + else + cpp_pedwarning_with_line (pfile, CPP_W_LONG_LONG, +- virtual_location, 0, message); ++ virtual_location, 0, "%s", message); + } + + result |= CPP_N_INTEGER; +--- gcc-8.3.0/libcpp/macro.c.bak 2020-09-11 16:01:42.550000000 +0900 ++++ gcc-8.3.0/libcpp/macro.c 2020-09-11 16:03:47.850000000 +0900 +@@ -160,7 +160,7 @@ + if (m_state == 2 && token->type == CPP_PASTE) + { + cpp_error_at (m_pfile, CPP_DL_ERROR, token->src_loc, +- vaopt_paste_error); ++ "%s", vaopt_paste_error); + return ERROR; + } + /* Advance states before further considering this token, in +@@ -189,7 +189,7 @@ + if (was_paste) + { + cpp_error_at (m_pfile, CPP_DL_ERROR, token->src_loc, +- vaopt_paste_error); ++ "%s", vaopt_paste_error); + return ERROR; + } + +@@ -3361,7 +3361,7 @@ + function-like macros, but not at the end. */ + if (following_paste_op) + { +- cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg); ++ cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg); + return false; + } + break; +@@ -3374,7 +3374,7 @@ + function-like macros, but not at the beginning. */ + if (macro->count == 1) + { +- cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg); ++ cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg); + return false; + } +
Masanori Ogino has uploaded a new patch set (#2). ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security. ......................................................................
crossgcc: Fix libcpp to address -Wformat-security.
On some systems where the system compiler enables `-Wformat-security -Werror=format-security` options by default, building libcpp fails because the code passes a variable directly as a format string.
This change addresses this problem by patching the affected code.
Tested with the default compiler of Nixpkgs unstable, GCC 9.3.0 with the options described above enabled by default.
Signed-off-by: Masanori Ogino mogino@acm.org Change-Id: Ibf3c9e79ce10cd400c9f7ea40dd6de1ab81b50e2 --- A util/crossgcc/patches/gcc-8.3.0_libcpp.patch 1 file changed, 56 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/11/45311/2
Hello build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/45311
to look at the new patch set (#3).
Change subject: crossgcc: Fix libcpp to address -Wformat-security ......................................................................
crossgcc: Fix libcpp to address -Wformat-security
On some systems where the system compiler enables `-Wformat-security -Werror=format-security` options by default, building libcpp fails because the code passes a variable directly as a format string.
This change addresses this problem by patching the affected code.
Tested with the default compiler of Nixpkgs unstable, GCC 9.3.0 with the options described above enabled by default.
Signed-off-by: Masanori Ogino mogino@acm.org Change-Id: Ibf3c9e79ce10cd400c9f7ea40dd6de1ab81b50e2 --- A util/crossgcc/patches/gcc-8.3.0_libcpp.patch 1 file changed, 56 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/11/45311/3
Paul Menzel has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security ......................................................................
Patch Set 3: Code-Review+2
Thank you for the patch. Have you also sent it upstream?
Masanori Ogino has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security ......................................................................
Patch Set 3:
Patch Set 3: Code-Review+2
Thank you for the patch. Have you also sent it upstream?
Not yet but I will. Thank you for the suggestion.
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security ......................................................................
Patch Set 3: Code-Review+2
Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/45311 )
Change subject: crossgcc: Fix libcpp to address -Wformat-security ......................................................................
crossgcc: Fix libcpp to address -Wformat-security
On some systems where the system compiler enables `-Wformat-security -Werror=format-security` options by default, building libcpp fails because the code passes a variable directly as a format string.
This change addresses this problem by patching the affected code.
Tested with the default compiler of Nixpkgs unstable, GCC 9.3.0 with the options described above enabled by default.
Signed-off-by: Masanori Ogino mogino@acm.org Change-Id: Ibf3c9e79ce10cd400c9f7ea40dd6de1ab81b50e2 Reviewed-on: https://review.coreboot.org/c/coreboot/+/45311 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Paul Menzel paulepanter@users.sourceforge.net Reviewed-by: Angel Pons th3fanbus@gmail.com --- A util/crossgcc/patches/gcc-8.3.0_libcpp.patch 1 file changed, 56 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Paul Menzel: Looks good to me, approved Angel Pons: Looks good to me, approved
diff --git a/util/crossgcc/patches/gcc-8.3.0_libcpp.patch b/util/crossgcc/patches/gcc-8.3.0_libcpp.patch new file mode 100644 index 0000000..124637e --- /dev/null +++ b/util/crossgcc/patches/gcc-8.3.0_libcpp.patch @@ -0,0 +1,56 @@ +GCC with `-Wformat-security -Werror=format-security` hardening options enabled +by default rejects some codes in libcpp. This patch fixes them. + +--- gcc-8.3.0/libcpp/expr.c.bak 2020-09-11 15:44:45.770000000 +0900 ++++ gcc-8.3.0/libcpp/expr.c 2020-09-11 15:46:22.370000000 +0900 +@@ -794,10 +794,10 @@ + + if (CPP_OPTION (pfile, c99)) + cpp_warning_with_line (pfile, CPP_W_LONG_LONG, virtual_location, +- 0, message); ++ 0, "%s", message); + else + cpp_pedwarning_with_line (pfile, CPP_W_LONG_LONG, +- virtual_location, 0, message); ++ virtual_location, 0, "%s", message); + } + + result |= CPP_N_INTEGER; +--- gcc-8.3.0/libcpp/macro.c.bak 2020-09-11 16:01:42.550000000 +0900 ++++ gcc-8.3.0/libcpp/macro.c 2020-09-11 16:03:47.850000000 +0900 +@@ -160,7 +160,7 @@ + if (m_state == 2 && token->type == CPP_PASTE) + { + cpp_error_at (m_pfile, CPP_DL_ERROR, token->src_loc, +- vaopt_paste_error); ++ "%s", vaopt_paste_error); + return ERROR; + } + /* Advance states before further considering this token, in +@@ -189,7 +189,7 @@ + if (was_paste) + { + cpp_error_at (m_pfile, CPP_DL_ERROR, token->src_loc, +- vaopt_paste_error); ++ "%s", vaopt_paste_error); + return ERROR; + } + +@@ -3361,7 +3361,7 @@ + function-like macros, but not at the end. */ + if (following_paste_op) + { +- cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg); ++ cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg); + return false; + } + break; +@@ -3374,7 +3374,7 @@ + function-like macros, but not at the beginning. */ + if (macro->count == 1) + { +- cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg); ++ cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg); + return false; + } +
-
Angel Pons (Code Review) -
Masanori Ogino (Code Review)
-
Patrick Georgi (Code Review)
-
Paul Menzel (Code Review)