When using current default build flags for Debian (hardened flags) build fails with "format not a string literal and no format arg"
Please look at attached patch by Anton Gladky, currently used in Debian.
As I understand the rationale for such a compiler check, it is relevant only if the string in question is unknown (e.g. supplied by the user). In the case at hand the string is a hard-coded error message, so I think the compiler warning is invalid.
It's not quite as simple as that. Even if the string is a known one, there's not really any excuse for writing it directly into the format string. Once you start doing that, sooner or later you _will_ forget that this isn't safe in the general case. It's a question of avoiding the start of a bad habit.
Anyway, the report is moot for a different reason: those changes have been in CVS since 2012-03-18
Log in to post a comment.