This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] fix warnings with -D_FORTIFY_SOURCE and -Wformat-security

From: "Joseph S. Myers" <joseph at codesourcery dot com>
To: Matthias Klose <doko at ubuntu dot com>
Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>, fortran at gcc dot gnu dot org
Date: Sun, 15 Mar 2009 23:57:35 +0000 (UTC)
Subject: Re: [patch] fix warnings with -D_FORTIFY_SOURCE and -Wformat-security
References: <49BD8445.6070705@ubuntu.com>

On Sun, 15 Mar 2009, Matthias Klose wrote:

> --- src/gcc/cp/parser.c~	2009-03-11 13:02:15.000000000 +0100
> +++ src/gcc/cp/parser.c	2009-03-15 16:59:59.000000000 +0100
> @@ -2204,7 +2204,7 @@
>      {
>        /* Don't use `%s' to print the string, because quotations (`%<', `%>')
>  	 in the message need to be interpreted.  */
> -      error (parser->type_definition_forbidden_message);
> +      error ("%s", parser->type_definition_forbidden_message);
>        return false;
>      }
>    return true;

In this case, the comment explicitly tells you not to do what the patch is 
doing.

I think the right fix is to define an enumeration for all the different 
messages that can appear here, and then switch on the enumeration, passing 
the messages directly to error.  As a bonus you improve i18n, since the 
messages aren't presently marked for translation with N_().

> @@ -2291,7 +2291,7 @@
>  	  char *message = concat (thing,
>  				  " cannot appear in a constant-expression",
>  				  NULL);
> -	  error (message);
> +	  error ("%s", message);
>  	  free (message);
>  	  return true;

Again there's a comment (just above the context) telling you not to do 
this.  Again, an enumeration might be used; then you could pass full 
sentences, not concatenations, to error, and again you improve i18n.  
There are various places the C front end uses enums like this, in the 
interests of better i18n.  I reiterate my willingness to review and 
approve (as i18n maintainer) C++ front-end patches that improve i18n by 
causing full sentences to be passed for translation unless those patches 
have been specifically rejected by C++ front-end maintainers.

For the target hooks, it might be possible to change their interfaces to 
call the error functions themselves rather than passing strings about.

I hope this illustrates that if you wish to avoid these warnings for 
diagnostic functions, you need to consider carefully how to fix each case; 
you can't just apply one mechanical fix everywhere.

-- 
Joseph S. Myers
joseph@codesourcery.com

References:
- [patch] fix warnings with -D_FORTIFY_SOURCE and -Wformat-security
  - From: Matthias Klose

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]