Re: [Qemu-devel] [PATCH 8/9] Add more format string warning flags

["Daniel P. Berrange" <berrange@redhat.com>]

On Mon, Apr 02, 2012 at 03:32:51PM +0100, Peter Maydell wrote:
> On 2 April 2012 15:22, Daniel P. Berrange <berrange@redhat.com> wrote:
> > The -Wformat-security option can only catch problems if the format
> > string is a literal. eg so it'd miss this:
> >
> >  void foo(void) {
> >     int notastring = 1;
> >     const char *format = "String is %s";
> >
> >     sprintf(format, notastring);
> >  }
> >
> > There are a handful of places in QEMU which do that with non-trivial
> > format strings & were easy to fix in this patch, which I think is a
> > worthwhile improvement. The cases in the *-user/strace.c file though
> > are not practical to fix, without significant re-design of the code
> > in question.
> 
> To be honest I couldn't tell from your patch whether you'd actually
> fixed any bugs or if you were just moving things around to turn non
> literals into literals.

There were no actual bugs fixed - it was just the change you describe
from non-literal to literal - to protect against future possible bugs.

> (Some of the cleanup looks like a good idea anyway, eg the vnc bits.)

Yep, I don't know why I didn't write that VNC code this way in the
first place now :-)

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|