Enabling "-Werror=format-security" by default

Adam Jackson ajax at redhat.com
Wed Nov 20 17:04:28 UTC 2013

On Wed, 2013-11-20 at 09:13 -0700, Jerry James wrote:
> On Wed, Nov 20, 2013 at 8:57 AM, Dhiru Kholia <dhiru.kholia at gmail.com> wrote:
> > Currently, around 400 packages FTBFS if this flag is enabled. I am all
> > set to start filing the bugs (once given the green signal). In addition,
> > I am willing to help in patching these packages. I believe that this
> > work is important and will benefit everyone (including upstream and
> > other distributions).
> It would have been nice if you had mentioned which packages failed to
> build, so maintainers could start looking at them.  I found this by
> digging around a little:
> http://people.fedoraproject.org/~halfie/rebuild-logs.txt

The implementation of this flag needs some work.  The sis X driver
apparently fails the check for this code:

    const char *rectxine = "\t... setting up rectangular Xinerama layout\n";
    // ...
    if (infochanged && !usenonrect) {
         xf86DrvMsg(pScrn1->scrnIndex, X_INFO,
                    "Virtual screen size does not match maximum display modes...\n");
         xf86DrvMsg(pScrn1->scrnIndex, X_INFO, rectxine);

Presumably gcc means something very precise by "string literal" here.
If I change the declaration to be const char rectxine[] it builds fine.
Which is... somewhat understandable?  I mean you _could_ assign to
rectxine-the-pointer and change what it points to, but the code does
not, so you'd hope constant-propagation would figure this out.

- ajax

More information about the devel mailing list