[Crash-utility] [PATCH] Add format string to *printf call

Dave Anderson anderson at redhat.com
Fri Jul 12 13:48:04 UTC 2013 


----- Original Message -----
> On 12.07.2013 09:16, Stefan Bader wrote:
> > On 11.07.2013 20:26, Dave Anderson wrote:
> >>
> >>
> >>
> >>
> >> ----- Original Message -----
> >>> This patch came from the Ubuntu crash maintainer Stefan Bader. Debian
> >>> and Ubuntu both build by default with Werror and the -Wformat-security
> >>> option which catches printf and scanf functions where the format
> >>> string is not a string literal and there are no format arguments
> >>> specified. This patch resolves the issue by explicitly adding the "%s"
> >>> format string.
> >>
> >> Looks reasonable.
> >>
> >>  $ lsdiff fprintf.patch
> >>  crash-7.0.1/cmdline.c
> >>  crash-7.0.1/dev.c
> >>  crash-7.0.1/filesys.c
> >>  crash-7.0.1/kernel.c
> >>  crash-7.0.1/lkcd_common.c
> >>  crash-7.0.1/memory.c
> >>  crash-7.0.1/netdump.c
> >>  crash-7.0.1/symbols.c
> >>  crash-7.0.1/task.c
> >>  crash-7.0.1/tools.c
> >>  crash-7.0.1/va_server.c
> >>  crash-7.0.1/x86_64.c
> >>  crash-7.0.1/xendump.c
> >>  $
> >>
> >> Did you vet the other 9 architecture-specific files besides x86_64.c?
> > 
> > Hm, no. I just went through the list that a x86_64 build produced. I really
> > should do at least a 32bit run as well. And I could do a run on an armhf
> > builder.
> > 
> > -Stefan
> > 
> >>
> >> Dave
> >>  
> So arm.c and x86.c also had some places to fix. I am attaching the updated
> patch. Though this means that other architecture specific files may still have
> issues. It is just simpler to let the compiler find the sites. And I may only
> have access to some ppc porter, but I am not sure in which condition that might
> be. Have not used any for quite a while.
> 
> -Stefan

Thanks Stefan, this second patch is queued for crash-7.0.2.

I'll check the other architectures the quick-and-dirty way, i.e.:

 $ cc -c -o arm64.o arm64.c -DARM64 -Wall -Wformat-security
 arm64.c: In function ‘arm64_dis_filter’:
 arm64.c:1120:3: warning: format not a string literal and no format arguments [-Wformat-security]
 $ 
  
I've always gone out the way to avoid "#ifdef <ARCH>" in the common files if at all
possible, but I'll eyeball-check them in conjunction with the above.

BTW, you can also try "make target=X86", "make target=ARM" and "make target=ARM64" on
an x86_64 host, and "make target=PPC" on a ppc64 host, which will build a binary
that can run on the host to look at a targeted dumpfile.

I'll also add -Wformat-security to the WARNING_OPTIONS list for building with "make warn"
to prevent future uses.

Thanks,
  Dave

More information about the Crash-utility mailing list