This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

-Wformat-security warnings generated in gcc build


There are about 35 warnings of type "format not a string literal and
no formal arguments [-Wformat-security]" generated during gcc-4.9.0
build (revision 206867)
I have attached them in orig-warnings.txt.

Souce of these warnings are typically calls to error() and friends.
In  C and C++ front ends there are many calls of error (errmsg).
errmsg is in many cases, assigned the return value of targetm hooks
(tagetm.invalid_return_type(), etc.)  Is it correct to replace error
(errmsg) by
error ("%s", errmsg) in these cases ?

I have attached a patch that removes 25 of these warnings
(attached in removed-warnings.txt).
I didn't replace the calls to error() and friends where gmsgid was passed.
(eg: c-typeck.c: error (gmsgid) called by error_init() function at line 6390)

Thanks and Regards,
Prathamesh

Attachment: removed-warnings.txt
Description: Text document

Attachment: orig-warnings.txt
Description: Text document

Index: gcc/c/c-convert.c
===================================================================
--- gcc/c/c-convert.c	(revision 206867)
+++ gcc/c/c-convert.c	(working copy)
@@ -79,7 +79,7 @@ convert (tree type, tree expr)
   if ((invalid_conv_diag
        = targetm.invalid_conversion (TREE_TYPE (expr), type)))
     {
-      error (invalid_conv_diag);
+      error ("%s", invalid_conv_diag);
       return error_mark_node;
     }
 
Index: gcc/c/c-decl.c
===================================================================
--- gcc/c/c-decl.c	(revision 206867)
+++ gcc/c/c-decl.c	(working copy)
@@ -5698,7 +5698,7 @@ grokdeclarator (const struct c_declarato
 	    errmsg = targetm.invalid_return_type (type);
 	    if (errmsg)
 	      {
-		error (errmsg);
+		error ("%s", errmsg);
 		type = integer_type_node;
 	      }
 
@@ -6479,7 +6479,7 @@ grokparms (struct c_arg_info *arg_info,
 	  errmsg = targetm.invalid_parameter_type (type);
 	  if (errmsg)
 	    {
-	      error (errmsg);
+	      error ("%s", errmsg);
 	      TREE_VALUE (typelt) = error_mark_node;
 	      TREE_TYPE (parm) = error_mark_node;
 	      arg_types = NULL_TREE;
Index: gcc/c/c-typeck.c
===================================================================
--- gcc/c/c-typeck.c	(revision 206867)
+++ gcc/c/c-typeck.c	(working copy)
@@ -3300,7 +3300,7 @@ convert_arguments (tree typelist, vec<tr
       else if ((invalid_func_diag =
 		targetm.calls.invalid_arg_for_unprototyped_fn (typelist, fundecl, val)))
 	{
-	  error (invalid_func_diag);
+	  error ("%s", invalid_func_diag);
 	  return -1;
 	}
       else
@@ -3795,7 +3795,7 @@ build_unary_op (location_t location,
   if ((invalid_op_diag
        = targetm.invalid_unary_op (code, TREE_TYPE (xarg))))
     {
-      error_at (location, invalid_op_diag);
+      error_at (location, "%s", invalid_op_diag);
       return error_mark_node;
     }
 
@@ -10063,7 +10063,7 @@ build_binary_op (location_t location, en
   if ((invalid_op_diag
        = targetm.invalid_binary_op (code, type0, type1)))
     {
-      error_at (location, invalid_op_diag);
+      error_at (location, "%s", invalid_op_diag);
       return error_mark_node;
     }

Index: gcc/collect2.c
===================================================================
--- gcc/collect2.c	(revision 206867)
+++ gcc/collect2.c	(working copy)
@@ -1982,7 +1982,7 @@ collect_execute (const char *prog, char
 	  fatal_error ("%s: %m", _(errmsg));
 	}
       else
-	fatal_error (errmsg);
+	fatal_error ("%s", errmsg);
     }
 
   free (response_arg);
@@ -2533,7 +2533,7 @@ scan_prog_file (const char *prog_name, s
 	  fatal_error ("%s: %m", _(errmsg));
 	}
       else
-	fatal_error (errmsg);
+	fatal_error ("%s", errmsg);
     }
 
   int_handler  = (void (*) (int)) signal (SIGINT,  SIG_IGN);
Index: gcc/cp/cvt.c
===================================================================
--- gcc/cp/cvt.c	(revision 206867)
+++ gcc/cp/cvt.c	(working copy)
@@ -669,7 +669,7 @@ ocp_convert (tree type, tree expr, int c
        = targetm.invalid_conversion (TREE_TYPE (expr), type)))
     {
       if (complain & tf_error)
-	error (invalid_conv_diag);
+	error ("%s", invalid_conv_diag);
       return error_mark_node;
     }
 
Index: gcc/cp/decl.c
===================================================================
--- gcc/cp/decl.c	(revision 206867)
+++ gcc/cp/decl.c	(working copy)
@@ -9550,7 +9550,7 @@ grokdeclarator (const cp_declarator *dec
 	    errmsg = targetm.invalid_return_type (type);
 	    if (errmsg)
 	      {
-		error (errmsg);
+		error ("%s", errmsg);
 		type = integer_type_node;
 	      }
 
@@ -11119,7 +11119,7 @@ grokparms (tree parmlist, tree *parms)
       if (type != error_mark_node
 	  && (errmsg = targetm.invalid_parameter_type (type)))
 	{
-	  error (errmsg);
+	  error ("%s", errmsg);
 	  type = error_mark_node;
 	  TREE_TYPE (decl) = error_mark_node;
 	}
Index: gcc/cp/pt.c
===================================================================
--- gcc/cp/pt.c	(revision 206867)
+++ gcc/cp/pt.c	(working copy)
@@ -13965,7 +13965,7 @@ tsubst_copy_and_build (tree t,
 				     &error_msg,
 				     input_location);
 	if (error_msg)
-	  error (error_msg);
+	  error ("%s", error_msg);
 	if (!function_p && identifier_p (decl))
 	  {
 	    if (complain & tf_error)
Index: gcc/cp/typeck.c
===================================================================
--- gcc/cp/typeck.c	(revision 206867)
+++ gcc/cp/typeck.c	(working copy)
@@ -3983,7 +3983,7 @@ cp_build_binary_op (location_t location,
        = targetm.invalid_binary_op (code, type0, type1)))
     {
       if (complain & tf_error)
-	error (invalid_op_diag);
+	error ("%s", invalid_op_diag);
       return error_mark_node;
     }
 
@@ -5559,7 +5559,7 @@ cp_build_unary_op (enum tree_code code,
 				   TREE_TYPE (xarg))))
     {
       if (complain & tf_error)
-	error (invalid_op_diag);
+	error ("%s", invalid_op_diag);
       return error_mark_node;
     }
 
Index: gcc/gcc.c
===================================================================
--- gcc/gcc.c	(revision 206867)
+++ gcc/gcc.c	(working copy)
@@ -2782,7 +2782,7 @@ execute (void)
       if (errmsg != NULL)
 	{
 	  if (err == 0)
-	    fatal_error (errmsg);
+	    fatal_error ("%s", errmsg);
 	  else
 	    {
 	      errno = err;
Index: gcc/lto-wrapper.c
===================================================================
--- gcc/lto-wrapper.c	(revision 206867)
+++ gcc/lto-wrapper.c	(working copy)
@@ -192,10 +192,10 @@ collect_execute (char **argv)
       if (err != 0)
 	{
 	  errno = err;
-	  fatal_perror (errmsg);
+	  fatal_perror ("%s", errmsg);
 	}
       else
-	fatal (errmsg);
+	fatal ("%s", errmsg);
     }
 
   return pex;
Index: gcc/opts.c
===================================================================
--- gcc/opts.c	(revision 206867)
+++ gcc/opts.c	(working copy)
@@ -1039,7 +1039,7 @@ print_filtered_help (unsigned int includ
 		      if (* (const char **) flag_var != NULL)
 			snprintf (new_help + strlen (new_help),
 				  sizeof (new_help) - strlen (new_help),
-				  * (const char **) flag_var);
+				  "%s", * (const char **) flag_var);
 		    }
 		  else if (option->var_type == CLVC_ENUM)
 		    {
Index: gcc/tree-sra.c
===================================================================
--- gcc/tree-sra.c	(revision 206867)
+++ gcc/tree-sra.c	(working copy)
@@ -3861,7 +3861,7 @@ dump_dereferences_table (FILE *f, const
 {
   basic_block bb;
 
-  fprintf (dump_file, str);
+  fprintf (dump_file, "%s", str);
   FOR_BB_BETWEEN (bb, ENTRY_BLOCK_PTR_FOR_FN (cfun),
 		  EXIT_BLOCK_PTR_FOR_FN (cfun), next_bb)
     {
Index: gcc/tree-ssa-uninit.c
===================================================================
--- gcc/tree-ssa-uninit.c	(revision 206867)
+++ gcc/tree-ssa-uninit.c	(working copy)
@@ -764,7 +764,7 @@ dump_predicates (gimple usestmt, pred_ch
 {
   size_t i, j;
   pred_chain one_pred_chain = vNULL;
-  fprintf (dump_file, msg);
+  fprintf (dump_file, "%s", msg);
   print_gimple_stmt (dump_file, usestmt, 0, 0);
   fprintf (dump_file, "is guarded by :\n\n");
   size_t num_preds = preds.length ();
Index: libcpp/expr.c
===================================================================
--- libcpp/expr.c	(revision 206867)
+++ libcpp/expr.c	(working copy)
@@ -669,10 +669,10 @@ cpp_classify_number (cpp_reader *pfile,
 
 	  if (CPP_OPTION (pfile, c99))
             cpp_warning_with_line (pfile, CPP_W_LONG_LONG, virtual_location,
-				   0, message);
+				   0, "%s", message);
           else
             cpp_pedwarning_with_line (pfile, CPP_W_LONG_LONG,
-				      virtual_location, 0, message);
+				      virtual_location, 0, "%s", message);
         }
 
       result |= CPP_N_INTEGER;
Index: libcpp/macro.c
===================================================================
--- libcpp/macro.c	(revision 206867)
+++ libcpp/macro.c	(working copy)
@@ -2969,7 +2969,7 @@ create_iso_definition (cpp_reader *pfile
 	     function-like macros, but not at the end.  */
 	  if (following_paste_op)
 	    {
-	      cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg);
+	      cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg);
 	      return false;
 	    }
 	  break;
@@ -2982,7 +2982,7 @@ create_iso_definition (cpp_reader *pfile
 	     function-like macros, but not at the beginning.  */
 	  if (macro->count == 1)
 	    {
-	      cpp_error (pfile, CPP_DL_ERROR, paste_op_error_msg);
+	      cpp_error (pfile, CPP_DL_ERROR, "%s", paste_op_error_msg);
 	      return false;
 	    }
 

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]