On 10/12, Jonathan Nieder wrote:
> Jeff King wrote:
> > On Fri, Oct 12, 2018 at 07:40:37PM +0100, Thomas Gummerer wrote:
>
> >> 801fa63a90 ("config.mak.dev: add -Wformat-security", 2018-09-08) added
> >> the -Wformat-security to the flags set in config.mak.dev. In the gcc
> >> man page this is
On Fri, Oct 12, 2018 at 11:54:50AM -0700, Jonathan Nieder wrote:
> > I'm not opposed to making config.mak.dev a bit more redundant to handle
> > this case, but we'd probably want to include all of -Wall, since it
> > contains many other warnings we'd want to make sure are enabled.
>
> Do you
Jeff King wrote:
> On Fri, Oct 12, 2018 at 07:40:37PM +0100, Thomas Gummerer wrote:
>> 801fa63a90 ("config.mak.dev: add -Wformat-security", 2018-09-08) added
>> the -Wformat-security to the flags set in config.mak.dev. In the gcc
>> man page this is documented as:
>>
>> If -Wformat is
On Fri, Oct 12, 2018 at 07:40:37PM +0100, Thomas Gummerer wrote:
> 801fa63a90 ("config.mak.dev: add -Wformat-security", 2018-09-08) added
> the -Wformat-security to the flags set in config.mak.dev. In the gcc
> man page this is documented as:
>
> If -Wformat is specified, also warn
801fa63a90 ("config.mak.dev: add -Wformat-security", 2018-09-08) added
the -Wformat-security to the flags set in config.mak.dev. In the gcc
man page this is documented as:
If -Wformat is specified, also warn about uses of format
functions that represent possible security
On Fri, Sep 7, 2018 at 8:21 PM Jeff King wrote:
>
> We currently build cleanly with -Wformat-security, and it's
> a good idea to make sure we continue to do so (since calls
> that trigger the warning may be security vulnerabilities).
Nice. I had this flag in my config.mak too before switching to
We currently build cleanly with -Wformat-security, and it's
a good idea to make sure we continue to do so (since calls
that trigger the warning may be security vulnerabilities).
Note that we cannot use the stronger -Wformat-nonliteral, as
there are case where we are clever with passing around
7 matches
Mail list logo