Re: [PATCH] Kbuild: Disable the -Wformat-security gcc flag

From: Floris Kraak
Date: Fri May 15 2009 - 09:28:30 EST

Next message: Ingo Molnar: "Re: [PATCH 4/4] perf_counter: update perf-top to use the new freqinterface"
Previous message: Felipe Balbi: "[RFC] Add Input IOCTL for accelerometer devices"
In reply to: Pekka Enberg: "Re: [PATCH] Kbuild: Disable the -Wformat-security gcc flag"
Next in thread: Pekka Enberg: "Re: [PATCH] Kbuild: Disable the -Wformat-security gcc flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/15/09, Pekka Enberg <penberg@xxxxxxxxxxxxxx> wrote:
>
> On Wed, Feb 4, 2009 at 5:28 PM, Floris Kraak <randakar@xxxxxxxxx> wrote:
> > Some distributions have enabled the gcc flag -Wformat-security by default.*
> > This results in a number of warnings about format arguments to
> > functions, sometimes in cases where fixing the warning is not likely
> > to actually fix a bug.
> > Instead of hand patching a dozens of places (possibly more) that
> > produce warnings that get ignored anyway we just turn off the flag in
> > the Makefile.
> >
>
> Is there a reason this patch was not merged? Yes, it's clearly a
> distro problem but apparently there's no easy way to turn it off.
>

Well, I posted a few follow up patches that turned this one on his
head - instead of disabling the feature in GCC I attempted to hand
patch every location that caused the warning instead.

However, that is quite a large job for fixing a mere 'minor annoyance'
- there are a number of obvious places where merely changing the
definition of a 'char* foo' variable into a 'char foo[]' variable
makes the warning go away (hence easily done)but getting rid of all of
them requires some real code changes here and there. In theory all of
them are harmless but it adds up to well over 130 patches. (When
split.)

I was still in the process of triaging the whole thing into a
mergeable form when some assignment came along that caused me to drop
the whole thing on the floor. I can dig them up and repost them if you
like ;-)

Tellingly enough I didn't find any place where the warning was
actually warning about anything harmful. Maybe I just need better
glasses though ;-)

Quite honestly I still believe just disabling this check is the best
thing to do.

It would be *really* nice if printk could just check instead how many
arguments it has and refrain from parsing the format string if there
aren't any. Unfortunately that's seemingly impossible - or at least,
well beyond my abilities ;-)

Regards,
Floris
---
'Or lawyers may say, âBut if I decline, someone else will do it. So
what is gained?â My reply: âLet someone else do it. But not you. Honor
is personal. Worry about yourself. You donât get a pass from moral
responsibility because you acted for a client.â

Thatâs the first lesson I would offer, aimed at lawyers. A second
lesson, aimed at all, is this: Keep ready your capacity for outrage.
This is very important. Next to the vote, outrage is the one response
each of us can contribute. Outrage is how honor must confront
dishonor. If we lose the capacity for outrage, we are in serious
trouble. '
--- Stephen Gillers
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATCH 4/4] perf_counter: update perf-top to use the new freqinterface"
Previous message: Felipe Balbi: "[RFC] Add Input IOCTL for accelerometer devices"
In reply to: Pekka Enberg: "Re: [PATCH] Kbuild: Disable the -Wformat-security gcc flag"
Next in thread: Pekka Enberg: "Re: [PATCH] Kbuild: Disable the -Wformat-security gcc flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]