[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] PATCH: Avoid format string abuse (also avoids gcc warnings).



Jim Meyering wrote:
"Daniel P. Berrange" <berrange redhat com> wrote:
On Tue, Nov 06, 2007 at 08:31:06PM +0100, Jim Meyering wrote:
This patch was prompted by warnings like this:

  util.c:56: warning: format not a string literal and no format arguments
Hmm, what compiler version are you using ? I don't see those warnings when
I build. Or did you add extra compiler flags ? If the latter we should
make sure they're included in our default flag set so we don't reintroduce
similar flaws in the future.

gcc snapshot build a week or two ago on rawhide, but these options aren't new.
I always use -Wformat and -Wformat-security.  Here's a patch:

	* acinclude.m4 (minimum): Add -Wformat and -Wformat-security.

diff --git a/acinclude.m4 b/acinclude.m4
index 15bb7ff..1c4051d 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -26,7 +26,7 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[
         try_compiler_flags=""
 	;;
     minimum)
-	try_compiler_flags="-Wall $common_flags"
+	try_compiler_flags="-Wall -Wformat -Wformat-security $common_flags"
 	;;
     yes)
 	try_compiler_flags="-Wall -Wmissing-prototypes $common_flags"

I'm just going to apply this and your other patch, because I always compile with --enable-compile-warnings=error to catch exactly these sorts of regressions / errors, and I wasn't seeing that bug in util.c until you pointed it out.

Thanks for contributing!

Rich.

--
Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom.  Registered in
England and Wales under Company Registration No. 03798903

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]