[Libvir] PATCH: Avoid format string abuse (also avoids gcc warnings).

Richard W.M. Jones rjones at redhat.com
Wed Nov 7 12:18:14 UTC 2007

Jim Meyering wrote:
> "Daniel P. Berrange" <berrange at redhat.com> wrote:
>> On Tue, Nov 06, 2007 at 08:31:06PM +0100, Jim Meyering wrote:
>>> This patch was prompted by warnings like this:
>>>   util.c:56: warning: format not a string literal and no format arguments
>> Hmm, what compiler version are you using ? I don't see those warnings when
>> I build. Or did you add extra compiler flags ? If the latter we should
>> make sure they're included in our default flag set so we don't reintroduce
>> similar flaws in the future.
> gcc snapshot build a week or two ago on rawhide, but these options aren't new.
> I always use -Wformat and -Wformat-security.  Here's a patch:
> 	* acinclude.m4 (minimum): Add -Wformat and -Wformat-security.
> diff --git a/acinclude.m4 b/acinclude.m4
> index 15bb7ff..1c4051d 100644
> --- a/acinclude.m4
> +++ b/acinclude.m4
>          try_compiler_flags=""
>  	;;
>      minimum)
> -	try_compiler_flags="-Wall $common_flags"
> +	try_compiler_flags="-Wall -Wformat -Wformat-security $common_flags"
>  	;;
>      yes)
>  	try_compiler_flags="-Wall -Wmissing-prototypes $common_flags"

I'm just going to apply this and your other patch, because I always 
compile with --enable-compile-warnings=error to catch exactly these 
sorts of regressions / errors, and I wasn't seeing that bug in util.c 
until you pointed it out.

Thanks for contributing!


Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom.  Registered in
England and Wales under Company Registration No. 03798903
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3237 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20071107/2d001552/attachment-0001.bin>

More information about the libvir-list mailing list