width in %s specifiers

felix.von.s at posteo dot de Mon, 13 Mar 2017 08:12:40 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79816


felix <felix.von.s at posteo dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           See Also|https://gcc.gnu.org/bugzill |
                   |a/show_bug.cgi?id=79554     |

--- Comment #2 from felix <felix.von.s at posteo dot de> ---
The documentation for -Wformat-security explicitly mentions that it may be
extended in the future to cover cases other than non-literal format strings.
I'm suggesting to take advantage of that provision and make that option also
cover buffer overflows. It shouldn't be that hard to make -Wformat-security
imply -Wformat-overflow and whatever you choose to name the warning about
improper precision. Current problems with the non-literal format string case
aren't terribly relevant here.

[Bug c/79816] -Wformat-security should warn about missing or excess precision/width in %s specifiers

Reply via email to