Hi Richard, Khem,
> > security_flags.inc:SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security
> > -Werror=format-security"
> > security_flags.inc:SECURITY_CFLAGS ?= "${SECURITY_STACK_PROTECTOR}
> > ${SECURITY_PIE_CFLAGS} ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}"
> > so the reproducer should be to add "-Wformat -Wformat-security
> > -Werror=format-security" to CFLAGS when building ltp.
> I think this must be new, we are carrying patches to fix similar
> issues in other parts of ltp. Probably something to consider for
> upstreaming
> e.g.
> https://git.openembedded.org/openembedded-core/tree/meta/recipes-extended/ltp/ltp/0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
I was testing it, but this one was ok. Found problems with setregid01.c,
to realize that it was already posted to LTP mailing list, so pushed it.
Kind regards,
Petr
--
_______________________________________________
Openembedded-core mailing list
[email protected]
http://lists.openembedded.org/mailman/listinfo/openembedded-core
