FTBFS if "-Werror=format-security" flag is used
Miloslav Trmač
mitr at volny.cz
Fri Dec 6 19:40:22 UTC 2013
On Fri, Dec 6, 2013 at 8:02 PM, Kevin Kofler <kevin.kofler at chello.at> wrote:
> See e.g. the examples I have given in the FESCo ticket:
> * a printf wrapper for logging which adds a timestamp in front of the
> format string, e.g.
> log("processed %d items", foo);
> which would be printed as
> 2013-12-06 19:00:00: processed 123 items
> to some logfile (using vfprintf with a format string like
> "2013-12-06 19:00:00: processed %d items"
> concatenated at runtime).
Yes, this is a legitimate problem. (A workaround would be to do
vfprintf with the original format string and _then_ concatenate, and I
agree that it's not quite satisfactory.) I'm guessing that this is a
fairly unusual way to implement this functionality - but I don't have
data.
> * translatable format strings, e.g.
> printf(translate("processed %d items"), foo);
__attribute__ ((format_arg)), which is how gcc already knows about
gettext(). (Actually, the logging wrapper case might also be solvable
by doing the concatenation in a function with this atttribute... I'm
not sure that it's much better.)
Mirek
More information about the devel
mailing list