[
https://issues.apache.org/jira/browse/PROTON-2080?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17033888#comment-17033888
]
Andrew Stitcher edited comment on PROTON-2080 at 2/10/20 7:43 PM:
------------------------------------------------------------------
To explain what this is doing:
%z as a format specifier (and also variadic macros) is not present in C\+\+
before C\+\+11 (but is present in C99) and so would cause warnings if we
compiled the C as C\+\+ because we do use the %z format specifier.
It is quite possible now that for every platform we care about now the default
C\+\+ compiler allows %z without complaint. So it could be that these warning
suppressions are now just defunct - that would be good and would simplify the
build.
was (Author: astitcher):
To explain what this is doing:
%z as a format specifier (and also variadic macros) is not present in C++
before C++11 (but is present in C99) and so would cause warnings if we compiled
the C as C++ because we do use the %z format specifier.
It is quite possible now that for every platform we care about now the default
c++ compiler allows %z without complaint. So it could be that these warning
suppressions are now just defunct - that would be good and would simplify the
build.
> cc1plus: warning: -Wformat-security ignored without -Wformat
> [-Wformat-security]
> --------------------------------------------------------------------------------
>
> Key: PROTON-2080
> URL: https://issues.apache.org/jira/browse/PROTON-2080
> Project: Qpid Proton
> Issue Type: Bug
> Components: proton-c
> Affects Versions: proton-c-0.28.0
> Reporter: Jiri Daněk
> Priority: Major
>
> I am getting the {{-Wformat-security ignored}} warning when I (accidentally)
> used a GCC with hardening flags set to build qpid proton. This can happen in
> RPM spec file, and also due to bug
> https://github.com/NixOS/nixpkgs/issues/60919.
> {noformat}
> [ 37%] Building CXX object c/tests/CMakeFiles/c-extra-test.dir/url_test.cpp.o
> cd /root/rpmbuild/BUILD/qpid-proton-0.28.0/c/tests && /usr/bin/c++
> -I/root/rpmbuild/BUILD/qpid-proton-0.28.0/c/include
> -I/root/rpmbuild/BUILD/qpid-proton-0.28.0/c/src
> -I/root/rpmbuild/BUILD/qpid-proton-0.28.0/c/tests
> -I/root/rpmbuild/BUILD/qpid-proton-0.28.0/tests/include -O2 -g -pipe -Wall
> -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS
> -fexceptions -fstack-protector-strong -grecord-gcc-switches
> -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
> -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
> -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection
> -Wno-error=format-security -fvisibility=hidden -O2 -g -DNDEBUG -O2 -g
> -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2
> -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong
> -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
> -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
> -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection
> -Wno-error=format-security -fvisibility=hidden -Werror -Wall -pedantic-errors
> -Wno-format -Wno-variadic-macros -o
> CMakeFiles/c-extra-test.dir/url_test.cpp.o -c
> /root/rpmbuild/BUILD/qpid-proton-0.28.0/c/tests/url_test.cpp
> cc1plus: warning: -Wformat-security ignored without -Wformat
> [-Wformat-security]
> [ 37%] Linking CXX executable c-extra-test
> {noformat}
> -I am honestly not sure what to think of this. At first sight, it seems to me
> the hardening options in RHEL and NixOS are incomplete (lacking the
> {{-Wformat}}), but then it seems strange that two distributions would make
> the same mistake.-
> Proton intentionally sets {{-Wno-format}}. I think this is only necessary to
> do when BUILD_WITH_CXX is set, at least it works on RHEL 6 this way. See
> attached patch below.
> I did not understand the if in c/tools/CMakeLists.txt. It sets
> {{-Wno-format}} when {{inttypes.h}} is not available. Yet
> # platform_fmt.c includes inttypes.h irrespective of the result of the check
> # judging by the comment in cmakelist.txt i'd expect I'd need -Wno-format if
> the inttypes.h is included, not without it
> {code}
> From 22b8401099580352f615ae24122f20650eabb263 Mon Sep 17 00:00:00 2001
> From: Jiri Danek <[email protected]>
> Date: Thu, 25 Jul 2019 13:57:57 +0200
> Subject: [PATCH] =?UTF-8?q?PROTON-2079:=20-Wno-format=20only=20when=20BUIL?=
> =?UTF-8?q?D=5FWITH=5FCXX=20AND=C2=A0CMAKE=5FCOMPILER=5FIS=5FGNUCC?=
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> It would be more appropriate to also limit -Wno-format to C++ < c++11 cases,
> but that I don't know how to do.
> ---
> CMakeLists.txt | 7 ++++---
> c/tools/CMakeLists.txt | 4 ++--
> 2 files changed, 6 insertions(+), 5 deletions(-)
> diff --git a/CMakeLists.txt b/CMakeLists.txt
> index f1091bab..b7974cdc 100644
> --- a/CMakeLists.txt
> +++ b/CMakeLists.txt
> @@ -138,14 +138,15 @@ if (CMAKE_COMPILER_IS_GNUCC)
> set (WERROR "-Werror")
> endif (ENABLE_WARNING_ERROR)
> set (COMPILE_WARNING_FLAGS "${WERROR} -Wall -pedantic-errors")
> - # C++ allow "%z" format specifier and variadic macros
> - set (CXX_WARNING_FLAGS "${COMPILE_WARNING_FLAGS} -Wno-format
> -Wno-variadic-macros")
> + # C++ allow variadic macros
> + set (CXX_WARNING_FLAGS "${COMPILE_WARNING_FLAGS} -Wno-variadic-macros")
> if (NOT BUILD_WITH_CXX)
> set (COMPILE_WARNING_FLAGS "${COMPILE_WARNING_FLAGS} -Wstrict-prototypes
> -Wc++-compat -Wvla -Wsign-compare -Wwrite-strings")
> set (COMPILE_LANGUAGE_FLAGS "-std=c99")
> set (COMPILE_PLATFORM_FLAGS "-std=gnu99")
> else (NOT BUILD_WITH_CXX)
> - set (COMPILE_WARNING_FLAGS "${CXX_WARNING_FLAGS}")
> + # C++ allow "%z" format specifier
> + set (COMPILE_WARNING_FLAGS "${COMPILE_WARNING_FLAGS} -Wno-format")
> endif (NOT BUILD_WITH_CXX)
>
> if (ENABLE_UNDEFINED_ERROR)
> diff --git a/c/tools/CMakeLists.txt b/c/tools/CMakeLists.txt
> index 7a577cb1..f23c39e5 100644
> --- a/c/tools/CMakeLists.txt
> +++ b/c/tools/CMakeLists.txt
> @@ -25,10 +25,10 @@ CHECK_INCLUDE_FILES("inttypes.h" INTTYPES_AVAILABLE)
> if (INTTYPES_AVAILABLE)
> list(APPEND PLATFORM_DEFINITIONS "USE_INTTYPES")
> else (INTTYPES_AVAILABLE)
> - if (CMAKE_COMPILER_IS_GNUCC)
> + if (BUILD_WITH_CXX AND CMAKE_COMPILER_IS_GNUCC)
> # since inttypes.h provides portable printf format macros
> set (COMPILE_WARNING_FLAGS "${COMPILE_WARNING_FLAGS} -Wno-format")
> - endif (CMAKE_COMPILER_IS_GNUCC)
> + endif (BUILD_WITH_CXX AND CMAKE_COMPILER_IS_GNUCC)
> endif (INTTYPES_AVAILABLE)
>
> add_executable(msgr-recv msgr-recv.c msgr-common.c)
> --
> 2.22.0
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
