Current-Users archive


Re: xentools411 fails build



    Date:        Mon, 18 Mar 2019 11:30:49 +1100
    From:        matthew green <mrg%eterna.com.au@localhost>
    Message-ID:  <29602.1552869049%splode.eterna.com.au@localhost>

  | Martin Husemann writes:
  | > IMO the most stupid warning ever added to gcc. I would just disable it for
  | > newer gcc.
  |
  | i don't agree.  some times it is very difficult to avoid and
  | it sometimes misdiagnoses the problem but it found a couple
  | of dozen real bugs where user input would lead to segv, so it
  | has clear value in my mind.

I agree with Martin - and I fail to see how getting a truncated
string (this is snprintf, not sprintf) could lead to a segv, ever
(or if it did, the problem is elsewhere).   It could lead to using
the incorrect data (in this case presumably attempting to open/create
an unintended file) which might be bad, sometimes (just cause app
failure in this case most likely - /tmp/battery/* is not any kind
of critical path).

But worse in this kind of usage, almost every occurrence of %s in a sprintf
(that is, not %.Ns) would need to generate the warning, as there's no
way that the compiler can know, for certain, that a variable string passed
in will be properly \0 terminated within its apparent max size.  It can
guess sometimes, but it can never really know, unless it is a constant
string.

kre
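
An added C example (not part of the thread or of the xentools411 sources; the function names and sample values are hypothetical) of the behaviour discussed above: with a non-zero size, snprintf leaves a truncated result NUL-terminated, its return value reveals the truncation so the caller can refuse to use the wrong path, and a `%.*s` precision bounds how far `%s` reads from a source that may lack a terminator.

```c
#include <stdio.h>

/* Format "<dir>/<name>" into dst.  Returns 0 on success, -1 if the result
 * did not fit (dst then holds a truncated but NUL-terminated string) or
 * if snprintf reported an output error. */
int build_path(char *dst, size_t dstsz, const char *dir, const char *name)
{
    int n = snprintf(dst, dstsz, "%s/%s", dir, name);

    /* snprintf returns the length the full string would have had. */
    if (n < 0 || (size_t)n >= dstsz)
        return -1;
    return 0;
}

/* Format a fixed-size field that is not guaranteed to contain a NUL.
 * The precision caps the number of bytes %s reads from the source.
 * Returns the formatted length, or -1 on truncation or error. */
int format_field(char *dst, size_t dstsz, const char *field, size_t fieldsz)
{
    int n = snprintf(dst, dstsz, "%.*s", (int)fieldsz, field);

    return (n < 0 || (size_t)n >= dstsz) ? -1 : n;
}

int main(void)
{
    char small[16], big[64];
    const char raw[4] = { 'B', 'A', 'T', '0' };  /* constructed, no NUL */

    /* Too small: the string is safe to print but names the wrong file. */
    if (build_path(small, sizeof small, "/tmp/battery", "charge_now") != 0)
        printf("truncated to \"%s\", not opening it\n", small);

    if (build_path(big, sizeof big, "/tmp/battery", "charge_now") == 0)
        printf("ok: %s\n", big);

    if (format_field(big, sizeof big, raw, sizeof raw) >= 0)
        printf("field: %s\n", big);
    return 0;
}
```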


