On 06/27/2016 12:10 PM, Burton, Ross wrote:
../../libidn-1.32/src/idn.c: In function 'main': ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security] error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified"));As libidn will be dealing with data from the network it seems like the sort of package that should be built with format-security enabled. Wouldn't it be better to fix up the calls to error() instead?
Also, in general the point of adding this check was that we try to fix the problems in the code. Adding packages to the list of exceptions is missing the point :)
Please write a patch - I'd say we should accept new exceptions only if fixing the code is shown to be too difficult.
Alex -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
