[Olsr-dev] [PATCH v1 03/12] Makefile: WARNINGS: add -Wformat-security
Ferry Huberts
(spam-protected)
Tue May 29 15:59:32 CEST 2012
From: Ferry Huberts <(spam-protected)>
-Wformat-security
If -Wformat is specified, also warn about uses of format
functions that represent possible security problems. At
present, this warns about calls to "printf" and "scanf"
functions where the format string is not a string literal
and there are no format arguments, as in "printf (foo);".
This may be a security hole if the format string came from
untrusted input and contains %n. (This is currently a subset
of what -Wformat-nonliteral warns about, but in future warnings
may be added to -Wformat-security that are not included in
-Wformat-nonliteral.)
Signed-off-by: Ferry Huberts <(spam-protected)>
---
Makefile.inc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/Makefile.inc b/Makefile.inc
index eb0f4d9..ec95015 100644
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -90,6 +90,7 @@ WARNINGS += -Wformat
WARNINGS += -Wsequence-point
WARNINGS += -Wcast-align
WARNINGS += -Wdouble-promotion
+WARNINGS += -Wformat-security
# the following 2 do not work yet and need more work on it
#WARNINGS += -Wconversion
#WARNINGS += -Wredundant-decls
--
1.7.7.6
More information about the Olsr-dev
mailing list