
Bug#921136: marked as done (lintian: hardening-no-fortify-functions possible false positive)



Your message dated Thu, 28 Nov 2019 11:06:46 +0000
with message-id <E1iaHdG-000IBd-7d@fasolo.debian.org>
and subject line Bug#921136: fixed in lintian 2.39.0
has caused the Debian Bug report #921136,
regarding lintian: hardening-no-fortify-functions possible false positive
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
921136: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921136
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: lintian
Version: 2.5.124
Severity: normal

Dear Maintainer,

I'm trying to figure out why my package (wxpython4.0) is getting flagged for
hardening-no-fortify-functions even though I have
export DEB_BUILD_MAINT_OPTIONS = hardening=+all in my debian/rules and I can see
the -DFORTIFY_SOURCE=2 being set in g++ arguments.

I added some debug to binaries.pm and I determined that it is only finding
wmemcpy function as not being hardened.  I grepped my source tree and I do not
find any calls to wmemcpy.  I then ran objdump -d on one of the built .so's.  If
I am reading the objdump correctly, the only calls to wmemcpy are in functions
named like:

_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE12_M_constructIPKwEEvT_S8_St20forward_iterator_tag

This sounds like some sort of auto-generated C++ function?

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lintian depends on:
ii  binutils                       2.31.1-11
ii  bzip2                          1.0.6-9
ii  diffstat                       1.62-1
ii  dpkg                           1.19.4
ii  dpkg-dev                       1.19.4
ii  file                           1:5.35-2
ii  gettext                        0.19.8.1-9
ii  gpg                            2.2.12-1
ii  intltool-debian                0.35.0+20060710.5
ii  libapt-pkg-perl                0.1.34+b1
ii  libarchive-zip-perl            1.64-1
ii  libcgi-pm-perl                 4.40-1
ii  libclass-accessor-perl         0.51-1
ii  libclone-perl                  0.41-1+b1
pn  libdigest-sha-perl             <none>
ii  libdpkg-perl                   1.19.4
ii  libemail-valid-perl            1.202-1
ii  libfile-basedir-perl           0.08-1
ii  libio-async-perl               0.72-1
ii  libipc-run-perl                20180523.0-1
ii  liblist-moreutils-perl         0.416-1+b4
ii  libparse-debianchangelog-perl  1.2.0-13
ii  libtext-levenshtein-perl       0.13-1
ii  libtimedate-perl               2.3000-2
ii  liburi-perl                    1.76-1
ii  libxml-simple-perl             2.25-1
ii  libyaml-libyaml-perl           0.76+repack-1
ii  man-db                         2.8.5-1
ii  patchutils                     0.3.4-2
ii  perl                           5.28.1-3
ii  t1utils                        1.41-3
ii  xz-utils                       5.2.4-1

Versions of packages lintian recommends:
ii  libperlio-gzip-perl  0.19-1+b5

Versions of packages lintian suggests:
pn  binutils-multiarch     <none>
ii  libhtml-parser-perl    3.72-3+b3
ii  libtext-template-perl  1.54-1

-- no debconf information

--- End Message ---
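The caller attribution the reporter describes doing by hand with objdump -d, as an added example (not lintian's code and not part of the original messages): it parses disassembly text and reports, for each unfortified libc call, whether every caller is a std:: function such as the basic_string instantiation quoted above. The watch list, the sample disassembly and the copy_label function are constructed for illustration.

```python
import re
from collections import defaultdict

# Illustrative watch list (an assumption, not lintian's actual list).
WATCHED = {"wmemcpy", "wmemmove", "wmemset", "memcpy", "strcpy"}

FUNC_RE = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")          # "0000000000001140 <name>:"
CALL_RE = re.compile(r"\b(?:call|jmp)q?\s+[0-9a-f]+ <([^@>+]+)(?:@plt)?>")
STD_RE = re.compile(r"^_ZNK?St|^_ZSt")                   # Itanium ABI: "St" is ::std::

# Constructed objdump -d excerpt; copy_label is a made-up package function.
SAMPLE = """\
0000000000001030 <wmemcpy@plt>:
    1030: ff 25 e2 2f 00 00   jmpq   *0x2fe2(%rip)   # 4018 <wmemcpy@GLIBC_2.2.5>

0000000000001140 <_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE12_M_constructIPKwEEvT_S8_St20forward_iterator_tag>:
    1158: e8 d3 fe ff ff      callq  1030 <wmemcpy@plt>
    115d: c3                  retq

0000000000001160 <copy_label>:
    1160: e8 cb fe ff ff      callq  1040 <strcpy@plt>
    1165: e8 e6 fe ff ff      callq  1050 <__memcpy_chk@plt>
    116a: c3                  retq
"""

def callers_of_unfortified(disassembly, watched=WATCHED):
    """Map each watched libc function to the set of functions that call it."""
    callers = defaultdict(set)
    current = None
    for line in disassembly.splitlines():
        header = FUNC_RE.match(line.strip())
        if header:
            current = header.group(1)
            continue
        call = CALL_RE.search(line)
        if call and current and call.group(1) in watched:
            callers[call.group(1)].add(current)
    return dict(callers)

def triage(disassembly, watched=WATCHED):
    """Separate calls made only from std:: code from calls in package code."""
    verdicts = {}
    for func, sites in callers_of_unfortified(disassembly, watched).items():
        own = sorted(s for s in sites if not STD_RE.match(s))
        verdicts[func] = "std-only" if not own else "review: " + ", ".join(own)
    return verdicts

if __name__ == "__main__":
    for func, verdict in sorted(triage(SAMPLE).items()):
        print(f"{func}: {verdict}")
```

A "std-only" verdict matches the situation in this report, where the only wmemcpy calls sit inside a basic_string<wchar_t> instantiation; a "review" verdict names package functions whose build flags are worth checking.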
--- Begin Message ---
Source: lintian
Source-Version: 2.39.0

We believe that the bug you reported is fixed in the latest version of
lintian, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 921136@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb <lamby@debian.org> (supplier of updated lintian package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 28 Nov 2019 10:34:27 +0000
Source: lintian
Architecture: source
Version: 2.39.0
Distribution: unstable
Urgency: medium
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 921136
Changes:
 lintian (2.39.0) unstable; urgency=medium
 .
   [ Scott Talbert ]
   * Add wmem{cpy,move,set} to the list of excluded hardened functions to
     avoid many false-positives. (Closes: #921136)
 .
   [ Louis-Philippe Véronneau ]
   * Check to ensure debian/rules files are executable.
   * Update instructions to download build-dependencies with "apt" instead
     of "apt-get".
 .
   [ Chris Lamb ]
   * Don't emit debian-rules-not-executable if debian/rules is a symlink; we
     warn about this via debian-rules-is-symlink.

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
