format string is not a string literal (potentially insecure)
[-Wformat-security]
Alexander Best
arundel at freebsd.org
Thu Nov 10 20:47:22 UTC 2011
hi there,
clang outputs the following warning during 'make buildkernel':
clang -c -O3 -pipe -fno-inline-functions -fno-strict-aliasing -march=core2 -std=c99 -fdiagnostics-show-option -fformat-extensions -Wall -Wcast-qual -Winline -Wmissing-include-dirs -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wredundant-decls -Wstrict-prototypes -Wundef -Wno-pointer-sign -nostdinc -I. -I/usr/git-freebsd-head/sys -I/usr/git-freebsd-head/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -mno-aes -mno-avx -mcmodel=kernel -mno-red-zone -mno-mmx -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector-all /usr/git-freebsd-head/sys/kern/kern_conf.c
/usr/git-freebsd-head/sys/kern/kern_conf.c:1019:45: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
ret = make_dev_alias_p(flags, cdev, pdev, devfspath);
^~~~~~~~~
does this indicate a security risk, which should be fixed or rather a bugus
warning?
cheers.
alex
More information about the freebsd-toolchain
mailing list