#63 gcc format security fix

v1.0_(example)
closed-fixed
nobody
None
5
2013-10-17
2013-10-06
pollux
No

Hi,

When enabling gcc hardening flags [1] (they are enabled in the Debian package), some errors were detected with the following flags: -Wformat -Werror=format-security.

These flags prevents using format functions with a variable, for ex printf(var), but require using printf("%s", var) to avoid security problems.

The attached patch fixes the problem.

Best regards,
Pierre

[1] See https://wiki.debian.org/Hardening for more details

1 Attachments

Discussion

  • In Silmaril
    In Silmaril
    2013-10-17

    Thanks!

    That part of the code is not used currently, so it's not really a sec issue. I either remove it or add your patch.

     
  • In Silmaril
    In Silmaril
    2013-10-17

    • status: open --> closed-fixed