Petr Štetiar <yn...@true.cz> [2019-11-30 15:04:40]: > Wouldn't it make sense to enable following hardening flags (maybe consider > others as well?): > > -Werror=format-security > -Werror=format-nonliteral
FYI, following uci patch: diff --git a/CMakeLists.txt b/CMakeLists.txt index 92adf4a47121..56a14e2b2b40 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -4,7 +4,7 @@ PROJECT(uci C) SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "") ADD_DEFINITIONS(-Os -Wall -Werror -Wextra --std=gnu99 -g3 -I. -DUCI_PREFIX="${CMAKE_INSTALL_PREFIX}") -ADD_DEFINITIONS(-Wno-unused-parameter) +ADD_DEFINITIONS(-Wno-unused-parameter -Werror=format-nonliteral -Werror=format-security) yields following error with clang-10 on CI[1]: cli.c:196:19: error: format string is not a string literal [-Werror,-Wformat-nonliteral] vfprintf(stderr, fmt, ap); 1. https://gitlab.com/ynezz/openwrt-uci/-/jobs/365617293 -- ynezz _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel