about gcc warnings

gotrunks at gmail.com gotrunks at gmail.com
Sun Feb 13 21:26:24 UTC 2011


On Sun, Feb 13, 2011 at 9:18 PM, Gilles Espinasse <g.esp at free.fr> wrote:
>
> ----- Original Message -----
> From: "Denys Vlasenko" <vda.linux at googlemail.com>
> To: <busybox at busybox.net>
> Cc: "Gilles Espinasse" <g.esp at free.fr>; <gotrunks at gmail.com>
> Sent: Sunday, February 13, 2011 6:31 PM
> Subject: Re: about gcc warnings
>
>
>> On Sunday 13 February 2011 14:24, Gilles Espinasse wrote:
>> >
>> > ----- Original Message -----
>> > From: <gotrunks at gmail.com>
>> > To: <busybox at busybox.net>
>> > Sent: Sunday, February 13, 2011 1:39 PM
>> > Subject: about gcc warnings
>> >
>> >
>> > > In busybox there are a lot of compile warnings like:
>> > > networking/wget.c:365: warning: format not a string literal and no
>> > > format arguments
>> > >
>> > > are these warnings wanted for some reason?
>>
>> I don't get any such warnings.
>>
> I was thinking that warning was related to gcc fortify. But no, this is a
> gcc warning
>
>> > Should only be rusting code
>> > This sort of warning is not present in 1.17.3.
>
> My error, I didn't see this warning because I didn't have -Wformat-security
>
>> But this just increases code size for no benefit.
>
> gcc-4.4.5 manual say
> If -Wformat is specified, also warn about uses of format functions that
> represent possible security problems. At present, this warns about calls to
> printf and scanf functions where the format string is not a string literal
> and there are no format arguments, as in printf (foo);. This may be a
> security hole if the format string came from untrusted input and contains
> `%n'. (This is currently a subset of what -Wformat-nonliteral warns about,
> but in future warnings may be added to -Wformat-security that are not
> included in -Wformat-nonliteral.)
>

AFAICS inputs used are always trusted

e.g. libbb/messages.c:const char bb_msg_memory_exhausted[] ALIGN1 =
"out of memory";

but sounds like a good practice to follow

> I have seen this size increase changing mount (bb-1.17.4) 6 warnings
>  root:/usr/src/busybox-1.17.4$ make bloatcheck
> function                                             old     new   delta
> singlemount                                          680     693     +13
> mount_it_now                                         178     185      +7
> ----------------------------------------------------------------------------
> --
> (add/remove: 0/0 grow/shrink: 2/0 up/down: 20/0)               Total: 20
> bytes
>   text    data     bss     dec     hex filename
>  293400    3253    8648  305301   4a895 busybox_old
>  293420    3253    8648  305321   4a8a9 busybox_unstripped
>

Well, I think there are more than 6 in trunk

~/dev/busybox$ grep -R 'msg(bb_msg' * | wc -l
12
~/dev/busybox$ grep -R 'die(bb_msg' * | wc -l
70


>
> Gilles
>
>


More information about the busybox mailing list