Home > mailing lists

Re: Fixes for compiler warnings - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Fixes for compiler warnings
Date	January 18, 2009 08:56:58
Msg-id	200901181156.52475.peter_e@gmx.net Whole thread Raw
In response to	Re: Fixes for compiler warnings (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Fixes for compiler warnings (Grzegorz Jaskiewicz <gj@pointblue.com.pl>) Re: Fixes for compiler warnings (Jeroen Vermeulen <jtv@xs4all.nl>)
List	pgsql-hackers

Tree view

On Sunday 18 January 2009 08:28:51 Tom Lane wrote:
> Yeah, the risk this is trying to guard against is variables containing
> "%" unexpectedly.  Even if that's not possible, it requires some work
> to verify and it's a bit fragile.  I didn't look at the specific cases
> yet but in general I think this is a good policy.

-Wformat-security warns about
   printf(var);

but not about
   printf(var, a);

I don't understand that; the crash or exploit potential is pretty much the 
same in both cases.

-Wformat-nonliteral warns about both cases.  We have legitimate code that 
requires this, however.

What would be helpful is a way to individually override the warning for the 
rare code where you know what you are doing.

pgsql-hackers by date:

From: Peter Eisentraut
Date: 18 January 2009, 08:50:18
Subject: Re: Statement-level triggers and inheritance

From: alanwli@gmail.com
Date: 18 January 2009, 09:34:44
Subject: Re: Fixes for compiler warnings

Re: Fixes for compiler warnings - Mailing list pgsql-hackers

Previous

Next