[Olsr-dev] hardening 1by1: -Wformat -Wformat-security -Werror=format-security

Ferry Huberts (spam-protected)
Wed Oct 10 09:14:18 CEST 2012

On 05-10-12 23:34, Hans-Christoph Steiner wrote:
> As part of the effort to get the hardening flags that are default in
> Debian to be also default in olsrd, I'm submitting one email per concept
> so we can discuss them each.
> The first is "-Wformat -Wformat-security -Werror=format-security".  This
> adds strict checks to *printf() formats, which are a common source of
> exploits.  olsrd currently passes all of these checks.

If you'd bothered to check the makefile then you'd seen that these are 
already there.

Only the latter (-Werror=format-security) is not there, which (IMHO) is 
but a minor 'improvement'.

Please check before throwing stuff on the mailinglist and make _all_ of 
us check. You're not building a reputation that we can trust your work 
without checking it...

> This should be enabled on all platforms.
> Here's the Debian docs on the topic:
> http://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_FORMAT_.28gcc.2BAC8-g.2B-.2B-_-Wformat_-Wformat-security_-Werror.3Dformat-security.29
> .hc

Ferry Huberts

More information about the Olsr-dev mailing list