[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 8/9] Add more format string warning flags
|
From: |
Peter Maydell |
|
Subject: |
Re: [Qemu-devel] [PATCH 8/9] Add more format string warning flags |
|
Date: |
Mon, 2 Apr 2012 15:32:51 +0100 |
On 2 April 2012 15:22, Daniel P. Berrange <address@hidden> wrote:
> The -Wformat-security option can only catch problems if the format
> string is a literal. eg so it'd miss this:
>
> void foo(void) {
> int notastring = 1;
> const char *format = "String is %s";
>
> sprintf(format, notastring);
> }
>
> There are a handful of places in QEMU which do that with non-trivial
> format strings & were easy to fix in this patch, which I think is a
> worthwhile improvement. The cases in the *-user/strace.c file though
> are not practical to fix, without significant re-design of the code
> in question.
To be honest I couldn't tell from your patch whether you'd actually
fixed any bugs or if you were just moving things around to turn non
literals into literals.
(Some of the cleanup looks like a good idea anyway, eg the vnc bits.)
-- PMM
- Re: [Qemu-devel] [PATCH 9/9] Add note about some other options potentially worth enabling, (continued)
[Qemu-devel] [PATCH 7/9] Add -Wmissing-format-attribute & fix problems it finds, Daniel P. Berrange, 2012/04/02
[Qemu-devel] [PATCH 4/9] Remove 4 MB stack frame usage from sheepdog, Daniel P. Berrange, 2012/04/02
[Qemu-devel] [PATCH 6/9] Fix bit test to use & instead of && and enable -Wlogical-op warning, Daniel P. Berrange, 2012/04/02