error: format not a string literal and no format arguments
Cristian Ionescu-Idbohrn
cristian.ionescu-idbohrn at axis.com
Sat Oct 24 13:16:23 UTC 2009
On Fri, 23 Oct 2009, Denys Vlasenko wrote:
> We KNOW bb_path_mtab_file does not contain %format.
> I do not want to vandalize code just because specific version of gcc
> is nuts.
Sorry, I was neither involved in the development of that specific gcc
option nor in gentoo's (and several other distributions) making
-Wformat-security a default option. Of course, the current behaviour
could be reverted to not being default with a -Wno-format-security in
Makefile.flags. Mike Frysinger wrote about it a while ago:
http://patchwork.kernel.org/patch/4730/
Still, do we want to do that?
There are some obvious places that would be ok, as we control the strings:
bb_error_msg(bb_msg_memory_exhausted);
bb_error_msg(bb_msg_perm_denied_are_you_root);
bb_error_msg_and_die(bb_msg_memory_exhausted);
bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
bb_error_msg_and_die(bb_msg_read_error);
bb_error_msg_and_die(bb_msg_write_error);
bb_perror_msg(bb_msg_can_not_create_raw_socket);
bb_perror_msg(bb_msg_read_error);
bb_perror_msg(bb_msg_write_error);
bb_perror_msg(bb_path_mtab_file);
bb_perror_msg_and_die(bb_msg_can_not_create_raw_socket);
bb_perror_msg_and_die(bb_msg_read_error);
bb_perror_msg_and_die(bb_msg_standard_input);
bb_perror_msg_and_die(bb_msg_standard_output);
bb_perror_msg_and_die(bb_path_mtab_file);
col = fmtstr(s, 32, strsignal(st));
printf(bbconfig_config);
and some other places where it might not:
bb_error_msg((char*)error_pkt_str);
bb_perror_msg(file);
bb_perror_msg_and_die(str);
printf(pr->fmt);
Anyway, making -Wformat-security a default option is, arguably, for a
reason. A lot has been written about it in the passed 10 years or so.
Try:
http://en.wikipedia.org/wiki/Format_string_attack
which refers to this:
http://julianor.tripod.com/bc/formatstring-1.2.pdf
> Does it compile with CONFIG_WERROR off?
Yes (forgot about that).
Found another small bug. This:
--- util-linux/mkfs_ext2.c.orig 2009-10-22 00:55:55.000000000 +0200
+++ util-linux/mkfs_ext2.c 2009-10-24 10:45:15.370943859 +0200
@@ -389,7 +389,7 @@ int mkfs_ext2_main(int argc UNUSED_PARAM
"%u inodes, %u blocks\n"
"%u blocks (%u%%) reserved for the super user\n"
"First data block=%u\n"
- "Maximum filesystem blocks=%u\n"
+ "Maximum filesystem blocks=%lu\n"
"%u block groups\n"
"%u blocks per group, %u fragments per group\n"
"%u inodes per group"
corrects this:
util-linux/mkfs_ext2.c: In function 'mkfs_ext2_main':
util-linux/mkfs_ext2.c:406: error: format '%u' expects type 'unsigned int',
but argument 12 has type 'long unsigned int'
Cheers,
--
Cristian
More information about the busybox
mailing list