Re: FTBFS if "-Werror=format-security" flag is used

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/05/2013 06:38 PM, Michael scherer wrote:
On Wed, Dec 04, 2013 at 08:25:54PM -0600, mrnuke wrote:
On 12/04/2013 12:10 PM, Brendan Jones wrote:

This is just a pain. Can someone explain to me why this is good?

Good or not, this is not the right question to ask.

  * Is this necessarry, and are the benefits worth the pains? *

This change is Sofa King stupid. Why couldn't we have just enabled the
warning without turning it into an error, THEN let packagers work with
upstream in fixing those warnings? Regulate, not ban.

Exactly.

IMO, the appropriate step would be to add -Wformat-security
(Note: -W, not -Werror) to %optflags to draw the maintainers attention to it and then be done with it.

Because packagers will just ignore it like some currently ignore rpmlint
or various checks,  and in turn this just produce noises for anyone looking to
see if something need to be fixed or not.

Would you mind to explain why you guys are putting such an emphasize on -Wformat-security?

Sure, there are some serious cases, but ... there are many more further spread issues in C/C++-sources which people have been ignoring ever since Fedora and RH Linux distros exist.

IMO, -Wformat-security is almost negibile in comparison to these and you are making way too much noise about it than it deserves.

Let's rather ask the contrary, why is this so much a issue to communicate
with upstream to fix things, and add patches ?
This is not a issue for Debian and Ubuntu,
Do these distros meanwhile have consistent CFLAGS? Last time, I checked (ca. a year ago) none such thing existed in Debian nor Ubuntu packages.

this was not for Mandriva and Mageia
when similar changes have been enforced and usually, most upstream are receptive,
so i really fail to see why there is people complaining.
With all due respect to these distros, but does this really need to be explained?

Ralf

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux