Hi!
In our gcc package build, libgfortran is built with -Werror=format-security
and errors on this file. While it is a false positive, because
cmdmsg_values[i] for any valid i don't contain % characters, IMNSHO it is
better to use "%s", msg anyway to make it clear that msg should not be
interpretted as format string.
Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
2016-01-15 Jakub Jelinek <ja...@redhat.com>
* intrinsics/execute_command_line.c (set_cmdstat): Use "%s", msg
instead of msg to avoid -Wformat-security warning.
--- libgfortran/intrinsics/execute_command_line.c.jj 2016-01-04
15:14:11.000000000 +0100
+++ libgfortran/intrinsics/execute_command_line.c 2016-01-15
14:47:32.132158422 +0100
@@ -1,6 +1,6 @@
/* Implementation of the EXECUTE_COMMAND_LINE intrinsic.
Copyright (C) 2009-2016 Free Software Foundation, Inc.
- Contributed by François-Xavier Coudert.
+ Contributed by François-Xavier Coudert.
This file is part of the GNU Fortran runtime library (libgfortran).
@@ -55,7 +55,7 @@ set_cmdstat (int *cmdstat, int value)
#define MSGLEN 200
char msg[MSGLEN] = "EXECUTE_COMMAND_LINE: ";
strncat (msg, cmdmsg_values[value], MSGLEN - strlen(msg) - 1);
- runtime_error (msg);
+ runtime_error ("%s", msg);
}
}
Jakub
