error: format not a string literal and no format arguments

Cristian Ionescu-Idbohrn cristian.ionescu-idbohrn at axis.com
Sat Oct 24 15:28:29 UTC 2009


On Sat, 24 Oct 2009, Denys Vlasenko wrote:

> On Saturday 24 October 2009 15:16, Cristian Ionescu-Idbohrn wrote:
> > On Fri, 23 Oct 2009, Denys Vlasenko wrote:
> >
> > > We KNOW bb_path_mtab_file does not contain %format.
> > > I do not want to vandalize code just because specific version of gcc
> > > is nuts.
> >
> > Sorry, I was neither involved in the development of that specific gcc
> > option nor in gentoo's (and several other distributions) making
> > -Wformat-security a default option.  Of course, the current behaviour
> > could be reverted to not being default with a -Wno-format-security in
> > Makefile.flags.  Mike Frysinger wrote about it a while ago:
> >
> > 	http://patchwork.kernel.org/patch/4730/
> >
> > Still, do we want to do that?
> >
> > There are some obvious places that would be ok, as we control the strings:
> >
> > 	bb_error_msg(bb_msg_memory_exhausted);
> > 	bb_error_msg(bb_msg_perm_denied_are_you_root);
> > 	bb_error_msg_and_die(bb_msg_memory_exhausted);
> > 	bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
> > 	bb_error_msg_and_die(bb_msg_read_error);
> > 	bb_error_msg_and_die(bb_msg_write_error);
> > 	bb_perror_msg(bb_msg_can_not_create_raw_socket);
> > 	bb_perror_msg(bb_msg_read_error);
> > 	bb_perror_msg(bb_msg_write_error);
> > 	bb_perror_msg(bb_path_mtab_file);
> > 	bb_perror_msg_and_die(bb_msg_can_not_create_raw_socket);
> > 	bb_perror_msg_and_die(bb_msg_read_error);
> > 	bb_perror_msg_and_die(bb_msg_standard_input);
> > 	bb_perror_msg_and_die(bb_msg_standard_output);
> > 	bb_perror_msg_and_die(bb_path_mtab_file);
> > 	col = fmtstr(s, 32, strsignal(st));
> > 	printf(bbconfig_config);
>
> There should be a way to shut up gcc in these places only
> instead of pessimizing the code. At least I hope so.

Maybe bb_error_msg_safe wrapper calling:

	bb_error_msg("%s", something);

> > and some other places where it might not:
> >
> > 	bb_error_msg((char*)error_pkt_str);
> > 	bb_perror_msg(file);
> > 	bb_perror_msg_and_die(str);
> > 	printf(pr->fmt);
> >
> > Anyway, making -Wformat-security a default option is, arguably, for a
> > reason.  A lot has been written about it in the past 10 years or so.


Cheers,

-- 
Cristian
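
The wrapper idea from the message above, as an added example that is not part of the original post and not BusyBox code. The names report(), report_safe() and has_conversion() are hypothetical stand-ins; has_conversion() is an assumed audit helper for telling the two lists of call sites apart.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style reporter such as bb_error_msg();
 * it formats into a buffer so the result can be inspected. */
static char last_msg[128];

__attribute__((format(printf, 1, 2)))
static int report(const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(last_msg, sizeof(last_msg), fmt, ap);
    va_end(ap);
    return n;
}

/* Wrapper idea from the message: the string is always passed as data
 * behind a literal "%s", so -Wformat-security has nothing to flag. */
static const char *report_safe(const char *s)
{
    report("%s", s);
    return last_msg;
}

/* Audit helper (assumed, for review use): returns 1 if s would consume
 * arguments when used as a format, i.e. has a '%' that is not "%%". */
static int has_conversion(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] != '%')
            return 1;
        s++;            /* skip the second '%' of "%%" */
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: a file name that happens to contain "%s". */
    puts(report_safe("backup-%s.tar"));
    printf("%d %d\n", has_conversion("/etc/mtab"), has_conversion("backup-%s.tar"));
    return 0;
}
```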

