249975 – nhpf not built with $RPM_OPT_FLAGS

Bug 249975 - nhpf not built with $RPM_OPT_FLAGS

Summary: nhpf not built with $RPM_OPT_FLAGS

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	nhpf
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Caius Chance
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-07-28 20:27 UTC by Ville Skyttä
Modified:	2007-11-30 22:12 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-09-25 07:00:16 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ville Skyttä 2007-07-28 20:27:07 UTC

nhpf isn't built with $RPM_OPT_FLAGS.  Fix: make CFLAG="$RPM_OPT_FLAGS"

Comment 1 Caius Chance 2007-08-08 02:36:22 UTC

Hi Ville, I have gone to the upstream website but it is all in Korean text that
I could not understand.

Could you kindly explain to me what your fix suggestion does?

I am wondering if upstream's latest release has fixed the above issue. If so, we
could just synchonize from there. Hence, would you be possible to confirm that?

Comment 2 Ville Skyttä 2007-08-09 20:31:28 UTC

I don't know a thing about nhpf nor do I speak/read Korean so I'm afraid I can't
help you with that.

About $RPM_OPT_FLAGS missing - practically the whole distro (and should be)
built with $RPM_OPT_FLAGS.  Currently the stuff in this package ends up being
built eg. like:

  cc -O -c nhpf.c

With the suggested fix in the initial comment, it becomes (on my x86_64 box):

  cc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions \
    -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -c nhpf.c

So, without the fix, we get an unusual optimization level, no debug symbols
(resulting in useless debuginfo package, which is where I noticed this problem
from), no preprocessor source fortification, no extra buffer overflow detection
code etc - in other words quite a few features, some of which are security
related that users expect to get in Fedora packages are not present in this
package.  Some further info is at
http://fedoraproject.org/wiki/Packaging/Debuginfo - although it's debuginfo
centric, there are some other points in it as well.

Comment 3 Caius Chance 2007-08-16 01:11:17 UTC

Hi Ville, I am checking with person in charged regarding modification permission.

Comment 6 Caius Chance 2007-09-25 00:21:37 UTC

Please check out the test patch:

http://fedorapeople.org/~cchance/20070925_nhpf/nhpf-1.42-10.src.rpm
http://fedorapeople.org/~cchance/20070925_nhpf/nhpf-1.42-10.bz249975.patch
http://fedorapeople.org/~cchance/20070925_nhpf/nhpf.spec

Comment 7 Matthias Clasen 2007-09-25 00:37:54 UTC

The patch is not right, since it hardcodes the current value of RPM_OPT_FLAGS
into the Makefile. Instead, make should be called in the %build section as Ville
showed in the very first line of this bug:

make CFLAG="$RPM_OPT_FLAGS"

Comment 8 Caius Chance 2007-09-25 01:08:45 UTC

Updated from comment #7. Please kindly recheck:

http://fedorapeople.org/~cchance/20070925_nhpf/nhpf-1.42-10.src.rpm
http://fedorapeople.org/~cchance/20070925_nhpf/nhpf.spec

Comment 9 Matthias Clasen 2007-09-25 01:16:44 UTC

Spec file looks allright now, from cursory inspection.

Comment 10 Caius Chance 2007-09-25 07:00:16 UTC

Built to Rawhide.

Note You need to log in before you can comment on or make changes to this bug.