Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace

To: "Roy Marples" <roy%netbsd.org@localhost>
Subject: Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace
From: Andreas Gustafsson <gson%gson.org@localhost>
Date: Fri, 5 Feb 2016 12:03:17 +0200

Roy,

You committed:
> Log Message:
> dtrace needs Wno-format-security for clang it seems.
> 
> To generate a diff of this commit:
> cvs rdiff -u -r1.6 -r1.7 src/external/cddl/osnet/usr.sbin/dtrace/Makefile

This looks wrong to me - the warnings are pointing out actual bugs
that need to be fixed instead of just silencing the warnings.  For
example, here:

/tmp/bracket/build/2016.02.04.20.05.53-i386/src/external/cddl/osnet/dist/cmd/dtrace/dtrace.c:822:2: error: format not a string literal and no format arguments [-Werror=format-security]
  error(data->dteda_msg);
  ^

if the error message in data->dteda_msg happens to contain a percent
sign followed by the letter "s", there will be a segfault.

The following works for me (building with gcc):

Index: dist/cmd/dtrace/dtrace.c
===================================================================
RCS file: /bracket/repo/src/external/cddl/osnet/dist/cmd/dtrace/dtrace.c,v
retrieving revision 1.6
diff -u -r1.6 dtrace.c
--- dist/cmd/dtrace/dtrace.c	4 Feb 2016 20:05:53 -0000	1.6
+++ dist/cmd/dtrace/dtrace.c	5 Feb 2016 08:29:14 -0000
@@ -819,7 +819,7 @@
 static int
 errhandler(const dtrace_errdata_t *data, void *arg)
 {
-	error(data->dteda_msg);
+	error("%s", data->dteda_msg);
 	return (DTRACE_HANDLE_OK);
 }
 
@@ -827,7 +827,7 @@
 static int
 drophandler(const dtrace_dropdata_t *data, void *arg)
 {
-	error(data->dtdda_msg);
+	error("%s", data->dtdda_msg);
 	return (DTRACE_HANDLE_OK);
 }
 
Index: usr.sbin/dtrace/Makefile
===================================================================
RCS file: /bracket/repo/src/external/cddl/osnet/usr.sbin/dtrace/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- usr.sbin/dtrace/Makefile	4 Feb 2016 21:26:48 -0000	1.8
+++ usr.sbin/dtrace/Makefile	5 Feb 2016 08:30:07 -0000
@@ -30,8 +30,6 @@
 
 COPTS.dtrace.c += -Wno-stack-protector
 COPTS.dtrace.c += -Wno-format-extra-args
-COPTS.dtrace.c += -Wno-format-nonliteral
-COPTS.dtrace.c += -Wno-format-security
 
 LDFLAGS+=	-pthread
 
-- 
Andreas Gustafsson, gson%gson.org@localhost

Follow-Ups:
- Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace
  - From: Joerg Sonnenberger
- Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace
  - From: Roy Marples

Prev by Date: Re: CVS commit: src/usr.bin/bdes
Next by Date: Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace
Previous by Thread: Re: CVS commit: src/usr.bin/bdes
Next by Thread: Re: CVS commit: src/external/cddl/osnet/usr.sbin/dtrace
Indexes:

Home | Main Index | Thread Index | Old Index