On 2012-05-19 Phil Pennock <p...@exim.org> wrote: > On 2012-05-19 at 16:26 +0200, Andreas Metzler wrote: [...] > If you're going to build with -Werror=format-security then you need to > #define PRINTF_FUNCTION(A,B) to /**/ in mytypes.h, which will also shut > up a bunch of other warnings. The PRINTF_FUNCTION() usage has caught a > number of small issues and been generally useful, but it's not a perfect > match. If there were a pragma to define a new format and register what > each escape expects, as a type, and declare that some do not consume > arguments, we could use that and there would be no mismatches. [...] > I think, realistically, people are going to turn on -Wformat=security > and we need to accept that and remove the safety-checks instead. > They're useful to the developers, in figuring out where there *might* be > issues, but there's so many false positive warnings, and this, that it > is not tenable for a release.
> For now, can you please build without -Wformat=security and see if it > works? FWIW I have just uploaded to Debian/experimental to check for build-errors. In a first try we are building with -Wformat=security and --- exim4-4.80~rc2.orig/src/functions.h +++ exim4-4.80~rc2/src/functions.h @@ -325,7 +325,7 @@ extern uschar *string_copy_malloc(uschar extern uschar *string_copylc(uschar *); extern uschar *string_copynlc(uschar *, int); extern uschar *string_dequote(uschar **); -extern BOOL string_format(uschar *, int, const char *, ...) PRINTF_FUNCTION(3,4); +extern BOOL string_format(uschar *, int, const char *, ...); as this has worked for me. ;-) cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
