----- Original Message ----- From: "Denys Vlasenko" <[email protected]> To: <[email protected]> Cc: "Gilles Espinasse" <[email protected]>; <[email protected]> Sent: Sunday, February 13, 2011 6:31 PM Subject: Re: about gcc warnings
> On Sunday 13 February 2011 14:24, Gilles Espinasse wrote: > > > > ----- Original Message ----- > > From: <[email protected]> > > To: <[email protected]> > > Sent: Sunday, February 13, 2011 1:39 PM > > Subject: about gcc warnings > > > > > > > In busybox there are a lot of compile warnings like: > > > networking/wget.c:365: warning: format not a string literal and no > > > format arguments > > > > > > are these warnings wanted for some reason? > > I don't get any such warnings. > I was thinking that warning was related to gcc fortify. But no, this is a gcc warning > > Should only be rusting code > > This sort of warning is not present in 1.17.3. My error, I didn't see this warning because I didn't have -Wformat-security > But this just increases code size for no benefit. gcc-4.4.5 manual say If -Wformat is specified, also warn about uses of format functions that represent possible security problems. At present, this warns about calls to printf and scanf functions where the format string is not a string literal and there are no format arguments, as in printf (foo);. This may be a security hole if the format string came from untrusted input and contains `%n'. (This is currently a subset of what -Wformat-nonliteral warns about, but in future warnings may be added to -Wformat-security that are not included in -Wformat-nonliteral.) I have seen this size increase changing mount (bb-1.17.4) 6 warnings root:/usr/src/busybox-1.17.4$ make bloatcheck function old new delta singlemount 680 693 +13 mount_it_now 178 185 +7 ---------------------------------------------------------------------------- -- (add/remove: 0/0 grow/shrink: 2/0 up/down: 20/0) Total: 20 bytes text data bss dec hex filename 293400 3253 8648 305301 4a895 busybox_old 293420 3253 8648 305321 4a8a9 busybox_unstripped Gilles _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
