URL: <http://gna.org/bugs/?16249>
Summary: Can't build trunk with -Werror: "format not a string literal and no format arguments" Project: Freeciv Submitted by: jtn Submitted on: Saturday 07/10/10 at 22:50 Category: None Severity: 4 - Important Priority: 5 - Normal Status: None Assigned to: None Originator Email: Open/Closed: Open Release: trunk r17569 Discussion Lock: Any Operating System: GNU/Linux Planned Release: 2.3.0 _______________________________________________________ Details: This has come in some time in the last few days: libtool: compile: gcc [...] -c savegame2.c -o savegame2.o cc1: warnings being treated as errors savegame2.c: In function ‘sg_load_game’: savegame2.c:1742: error: format not a string literal and no format arguments savegame2.c: In function ‘sg_load_random’: savegame2.c:1870: error: format not a string literal and no format arguments savegame2.c:1872: error: format not a string literal and no format arguments savegame2.c:1874: error: format not a string literal and no format arguments savegame2.c:1879: error: format not a string literal and no format arguments [...and many more the same...] (GCC 4.3.3 on Ubuntu Jaunty.) A bit of digging on the first one at least shows it's complaining about sg_failure_ret(), which boils down to do_log(), which has fancy printf attributes ("fc__attribute((__format__ (__printf__, 6, 7)))"). Somewhere in there it boils down to "log_sg(secfile_error())". Have run out of time to fix it myself, but: This site <http://bobthegnome.blogspot.com/2009/07/format-not-string-literal-and-no-format.html> suggests the fix. It's complaining about format-string vulnerabilities because it can't vet that what secfile_error() returns doesn't have a % in it. The fix should be simple: change the various invocations so we end up with (..., "%s", secfile_error()). In passing, I note there's a lot of usage in Freeciv of patterns like: #define foo(format, ...) bar(thingy, format, ##__VA_ARGS__) The ## is a GNU extension <http://gcc.gnu.org/onlinedocs/cpp/Variadic-Macros.html> so that if you do something like 'foo("Hello")' (no extra arguments), the comma is swallowed -- apparently standard C99 has no way of doing this. This means Freeciv relies on a GNU extension. I can't remember, is that bad? If so I dunno what we can do about it. _______________________________________________________ Reply to this item at: <http://gna.org/bugs/?16249> _______________________________________________ Message sent via/by Gna! http://gna.org/ _______________________________________________ Freeciv-dev mailing list Freeciv-dev@gna.org https://mail.gna.org/listinfo/freeciv-dev