This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: -Wformat-security warnings generated in gcc build
- From: Dodji Seketeli <dodji at redhat dot com>
- To: Prathamesh Kulkarni <bilbotheelffriend at gmail dot com>
- Cc: gcc <gcc at gcc dot gnu dot org>
- Date: Thu, 23 Jan 2014 15:54:27 +0100
- Subject: Re: -Wformat-security warnings generated in gcc build
- Authentication-results: sourceware.org; auth=none
- References: <CAJXstsAMh25uwq5tCL86izSEMyvVtbUj4YNrmbZpFoFNVD=1Mg at mail dot gmail dot com> <Pine dot LNX dot 4 dot 64 dot 1401211749001 dot 20755 at digraph dot polyomino dot org dot uk> <CAJXstsBCTmcX0T=HQL9KmrKCwz6yZV95UXKiCPKOxRhLX8iLpA at mail dot gmail dot com> <Pine dot LNX dot 4 dot 64 dot 1401221801080 dot 10535 at digraph dot polyomino dot org dot uk> <87d2jjc4rx dot fsf at seketeli dot org> <CAJXstsBrMyJ66oFM8RjRNHUyC5TZVgVGD=xkRAcVc9FzQ7PKFA at mail dot gmail dot com>
Prathamesh Kulkarni <bilbotheelffriend@gmail.com> writes:
>
> Shall it be correct then to replace calls to error() and friends,
> taking only format string with no-argument specifiers
> to error_at_no_args() ? (similarly we shall need warning_at_no_args,
> pedwarn_no_args, etc.)
I would guess so, yes.
>>
>> Also, you'd need to modify cp/error.c:cp_printer in a similar way, to
>> issue an internal_error each time we try to access a null test->args_ptr.
>
> Shall check for text->args_ptr be required in each case label of
> argument specifier in pp_format()
> and client-specific functions like cp_printer() ?
Yes, I think so. Maybe you can make that a bit more maintainable by
creating a macro like those used to access text->args_ptr in cp_printer,
e.g:
#define next_int va_arg (*text->args_ptr, int)
In that macro, make the check for text->args_ptr before accessing it,
and then use that macro to access text->args_ptr through the function.
--
Dodji