[Olsr-dev] [PATCH v1 03/12] Makefile: WARNINGS: add -Wformat-security

Ferry Huberts (spam-protected)
Tue May 29 15:59:32 CEST 2012

From: Ferry Huberts <(spam-protected)>

   If -Wformat is specified, also warn about uses of format
   functions that represent possible security problems.  At
   present, this warns about calls to "printf" and "scanf"
   functions where the format string is not a string literal
   and there are no format arguments, as in "printf (foo);".
   This may be a security hole if the format string came from
   untrusted input and contains %n. (This is currently a subset
   of what -Wformat-nonliteral warns about, but in future warnings
   may be added to -Wformat-security that are not included in

Signed-off-by: Ferry Huberts <(spam-protected)>
 Makefile.inc |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/Makefile.inc b/Makefile.inc
index eb0f4d9..ec95015 100644
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -90,6 +90,7 @@ WARNINGS +=	-Wformat
 WARNINGS +=	-Wsequence-point
 WARNINGS +=	-Wcast-align
 WARNINGS +=	-Wdouble-promotion
+WARNINGS +=	-Wformat-security
 # the following 2 do not work yet and need more work on it
 #WARNINGS +=	-Wconversion
 #WARNINGS +=	-Wredundant-decls

More information about the Olsr-dev mailing list