On 29 мая 2014 г., at 3:04, Willy Tarreau <w...@1wt.eu> wrote: > > Yes it does but it doesn't change its verdict. The test is really bogus I > think : > > const char fmt[] = "blah"; printf(fmt); => OK > const char *fmt = "blah"; printf(fmt); => KO > const char * const fmt = "blah"; printf(fmt); => KO > const char fmt[][5] = { "blah" }; printf(fmt[0]); => KO > > This is the difference between the first one and the last one which makes > me say the test is bogus, because it's exactly the same. > > And worst thing is that I guess they added this check for people who > mistakenly use printf(string). And as usual, they don't provide an easy > way to say "don't worry it's not an error, it's on purpose"... This > compiler is becoming more and more irritating, soon we'll have more > lines of workarounds than useful lines of code. > > Worse in fact, the workaround is simple, it consists in removing the > __attribute__((printf)) on the declaration line of chunk_appendf(), > and thus *really* opening the door to real scary bugs. > > OK so I'll add a dummy argument to shut it up :-(
Just for reference: clang also warns here: cc -Iinclude -Iebtree -Wall -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS -DTPROXY -DCONFIG_HAP_CRYPT -DUSE_GETADDRINFO -DUSE_ZLIB -DENABLE_POLL -DENABLE_KQUEUE -DUSE_OPENSSL -DCONFIG_HAPROXY_VERSION=\"1.5-dev26-2e85840\" -DCONFIG_HAPROXY_DATE=\"2014/05/28\" -c -o src/dumpstats.o src/dumpstats.c src/dumpstats.c:3059:26: warning: format string is not a string literal (potentially insecure) [-Wformat-security] chunk_appendf(&trash, srv_hlt_st[1]); /* DOWN (agent) */ ^~~~~~~~~~~~~ FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512 Target: x86_64-unknown-freebsd10.0 Thread model: posix