> > When trunk with (hardened) gcc 4.6 on Ubuntu beta, I get:
> >
> > lua_config.c: In function 'cmd_log_at':
> > lua_config.c:177:5: error: format not a string literal and no
> > format arguments [-Werror=format-security]
> > cc1: some warnings being treated as errors
> >
> >
> > The appropriate source:
> > lua_Debug dbg;
> >
> > lua_getstack(L, 1, &dbg);
> > lua_getinfo(L, "Sl", &dbg);
> >
> > msg = luaL_checkstring(L, 2);
> > ap_log_error(dbg.source, dbg.currentline,
> > APLOG_MODULE_INDEX, level, 0, cmd->server, msg);
> >
> >
> > Is there anything we can do to fix this so it builds again
> > with paranoia options?
>
> How about:
>
> ap_log_error(dbg.source, dbg.currentline, APLOG_MODULE_INDEX, level,
> 0, cmd->server, "%s", msg);
appears in one more place -- if you're fine with this solution,
I'll commit it.
> Regards
>
> Rüdiger
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/
GPG: 571B 8B8A FC97 266D BDA3 EF6F 43AD 80A4 5779 3257
Index: modules/lua/lua_config.c
===================================================================
--- modules/lua/lua_config.c (revision 1179976)
+++ modules/lua/lua_config.c (working copy)
@@ -174,7 +174,7 @@
lua_getinfo(L, "Sl", &dbg);
msg = luaL_checkstring(L, 2);
- ap_log_error(dbg.source, dbg.currentline, APLOG_MODULE_INDEX, level, 0, cmd->server, msg);
+ ap_log_error(dbg.source, dbg.currentline, APLOG_MODULE_INDEX, level, 0, cmd->server, "%s", msg);
return 0;
}
Index: modules/lua/lua_request.c
===================================================================
--- modules/lua/lua_request.c (revision 1179976)
+++ modules/lua/lua_request.c (working copy)
@@ -399,7 +399,7 @@
lua_getinfo(L, "Sl", &dbg);
msg = luaL_checkstring(L, 2);
- ap_log_rerror(dbg.source, dbg.currentline, APLOG_MODULE_INDEX, level, 0, r, msg);
+ ap_log_rerror(dbg.source, dbg.currentline, APLOG_MODULE_INDEX, level, 0, r, "%s", msg);
return 0;
}
