On 12/05/2013 07:43 PM, Jan Lieskovsky wrote:
> From: "Ralf Corsepius"
>> Would you mind explaining why you guys are putting such an emphasis on
>> -Wformat-security?
>
> Some possible ways how to look at it:
> * because when all reported packages are patched, it would remove one
>   whole class of security flaws,

Iff the tools being utilized were reliable and if the findings are fixed
by skilled people, who really understand what they are doing.
Both do NOT APPLY in Fedora. Fedora/RH's GCC produces false diagnoses
and the average Fedora packager is not an experienced C-developer.
=> Feel free to apply -W if you feel like it, but do not
use -Werror.
Besides this: Appending -Werror to CFLAGS breaks configure scripts,
which are applying compile-checks, to distinguish system features. The
fact nobody so far seems to be aware of this seriously worries me.

>> Sure, there are some serious cases, but ... there are many more
>> further spread issues in C/C++-sources which people have been ignoring
>> ever since Fedora and RH Linux distros exist.
>
> If we did (as you said), it shouldn't be used as an excuse / argument for
> continuing doing so.

One example: Go after "type-size" or with "uninitialized variables" issues.
You'd be surprised how many packages are having serious issues with
this, how difficult fixing these issues can be on occasion. The fatal
trap lurking inside is 100% of all fixes appear to be trivial, while a
small percentage actually isn't. Finding these is challenging to
experienced coders/developers and definitely far beyond the skills of an
average Fedora packager.
IMO, -Wformat-security is almost negligible in comparison to these and you
are making way more noise about it than it deserves.

> http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=format+string [*]

Yeah, a vulnerability - So what?
I'd guess the number and severity of vulnerabilities caused by
TmpOnTmpfs, defective SELinux-configurations and systemd are much
more severe, not worth mentioning those caused by e.g. dirty usage of
type-sizes in C-code.
Ralf
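
The configure-script concern raised in the message above can be reproduced with a minimal compile check. This is an added example, not part of the original thread; `probe_feature`, the conftest source and the use of `-Wall` to provoke a warning are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: a configure-style compile check run under two CFLAGS values.
# A configure script decides "feature present" from the compiler's exit
# status, so any warning promoted to an error flips the answer to "no".

probe_feature() {
    # $1 = CFLAGS to test with; prints "yes" or "no" like a configure check.
    cflags=$1
    dir=$(mktemp -d) || return 2
    # Constructed probe: valid C that uses strlen(), but leaves a variable
    # unused, which draws a warning under -Wall (assumed to be in CFLAGS).
    cat > "$dir/conftest.c" <<'EOF'
#include <string.h>
int main(void)
{
    int unused;
    return (int)strlen("");
}
EOF
    # Word splitting of $cflags is intended: it holds several flags.
    if ${CC:-cc} $cflags -c "$dir/conftest.c" -o "$dir/conftest.o" \
        2>"$dir/config.log"
    then
        result=yes
    else
        result=no
    fi
    rm -rf "$dir"
    echo "$result"
}

# Same probe, same system; only the CFLAGS differ.
echo "checking for strlen with -Wall ......... $(probe_feature "-Wall")"
echo "checking for strlen with -Wall -Werror . $(probe_feature "-Wall -Werror")"
```

When auditing a build that injects `-Werror`, compare the feature results in `config.log` against a run without it; a feature that silently flips to "no" changes which code paths get compiled.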