Khem Raj wrote:
> Clang 22 treats format strings more strictly and flags the use of
> gettext-translated strings directly as format arguments without an
> explicit format specifier as a security issue.
>
> Add "%s" format specifier to properly handle the translated strings.
>
> Fixes errors like:
> error: format string is not a string literal (potentially insecure)
> [-Werror,-Wformat-security]

1. It is not an error. It is a warning, and *you* (or the coreutils
configure.ac) decided to turn the warning into an error.
2. The patch is wrong. We discussed this already a while ago, and the summary
is [1]:
- There is nothing to warn about, because format string translations
returned by _() are checked by 'msgfmt -c'.
- It works with gcc. gcc hides such warnings when the function is gettext().
- Therefore you can either use gcc instead of clang, or modify clang to
hide such warnings like gcc does.
Bruno
[1] https://lists.gnu.org/archive/html/bug-gnulib/2025-05/msg00266.html
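
The reply above rests on translated format strings being checked against the original before they ship. As an added example (not part of the original message, and not msgfmt's own code), the following C program compares the argument types a msgid and its msgstr consume. The names `format_signature` and `translation_matches` are hypothetical, and the code assumes printf-style directives with optional `n$` positions, rejecting `*` widths and conversions outside the listed set.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_ARGS 16

/* Record the argument type each directive in fmt consumes, by argument position.
   Returns the argument count, or -1 on a directive outside the assumed subset. */
static int format_signature(const char *fmt, char sig[MAX_ARGS][4])
{
    int next = 0, count = 0;
    memset(sig, 0, MAX_ARGS * 4);
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (*++p == '%') continue;                /* "%%" takes no argument */
        int pos = next;
        size_t digits = strspn(p, "0123456789");
        if (digits && digits < 3 && p[digits] == '$') {  /* positional: %2$s */
            pos = atoi(p) - 1;
            p += digits + 1;
        } else {
            next++;
        }
        p += strspn(p, "-+ #0'");                 /* flags */
        p += strspn(p, "0123456789");             /* width ('*' is rejected below) */
        if (*p == '.') p += 1 + strspn(p + 1, "0123456789");   /* precision */
        size_t len = strspn(p, "hlLjzt");         /* length modifier */
        if (len > 2 || pos < 0 || pos >= MAX_ARGS || p[len] == '\0'
            || !strchr("diouxXeEfgGcsp", p[len]))
            return -1;
        memcpy(sig[pos], p, len + 1);             /* e.g. "s", "lu", "zu" */
        p += len;
        if (pos >= count) count = pos + 1;
    }
    return count;
}

/* Nonzero when msgstr consumes the same argument types as msgid. */
int translation_matches(const char *msgid, const char *msgstr)
{
    char a[MAX_ARGS][4], b[MAX_ARGS][4];
    int na = format_signature(msgid, a), nb = format_signature(msgstr, b);
    return na >= 0 && na == nb && memcmp(a, b, sizeof a) == 0;
}

int main(void)
{
    /* Constructed msgid/msgstr pair, not from a real catalog; prints 1. */
    printf("%d\n", translation_matches("%s: %lu bytes", "%2$lu Bytes in %1$s"));
    return 0;
}
```

A translation that adds a directive, changes a type, or leaves a bare `%` in front of a letter fails the comparison, which is the class of mistake that would otherwise reach the printf-family call at run time.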