Re: g++ __VA_ARGS__ error

On Mon, Jul 11, 2016 at 2:22 PM, Jonathan Wakely
<jwakely@xxxxxxxxxxxxxxxxx> wrote:
> On 11/07/16 13:16 +0100, Daniel P. Berrange wrote:
>>
>> On Mon, Jul 11, 2016 at 02:09:24PM +0200, Jan Synacek wrote:
>>>
>>> Hello,
>>>
>>> I'm trying to compile the latest version of Warzone2100 on rawhide,
>>> but I'm getting this error:
>>>
>>> g++ -DHAVE_CONFIG_H -I. -I..  -DYY_NO_INPUT -D_REENTRANT
>>> -I/usr/include/SDL2  -I/usr/include/libpng16   -I/usr/include/AL
>>> -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -DNDEBUG
>>> -DWZ_DATADIR="\"/usr/share/warzone2100\""
>>> -DLOCALEDIR="\"/usr/share/locale\"" -I.. -I../3rdparty
>>> -I../3rdparty/quesoglc -I/usr/include/libdrm    -g -Wno-enum-compare
>>> -Wall -Wextra -Wno-unused-parameter -Wno-sign-compare -Wcast-align
>>> -Wwrite-strings -Wpointer-arith -Wno-format-security
>>> -I/usr/include/qt5/QtWidgets -I/usr/include/qt5
>>> -I/usr/include/qt5/QtGui -I/usr/include/qt5
>>> -I/usr/include/qt5/QtScript -I/usr/include/qt5
>>> -I/usr/include/qt5/QtCore -I/usr/include/qt5  -O2 -g -pipe -Wall
>>> -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
>>> -fstack-protector-strong --param=ssp-buffer-size=4
>>> -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1
>>> -m64 -mtune=generic -fPIC -std=c++11 -fstack-protector -c -o
>>> geometry.o geometry.cpp
>>> In file included from ../lib/framework/frame.h:44:0,
>>>                  from ../lib/framework/wzapp.h:24,
>>>                  from frontend.cpp:27:
>>> frontend.cpp: In function 'void startCampaignSelector()':
>>> ../lib/framework/string_ext.h:178:74: error: format not a string
>>> literal and no format arguments [-Werror=format-security]
>>>  #define ssprintf(dest, ...) snprintf((dest), sizeof(dest), __VA_ARGS__)
>>>
>>> Could someone who understands g++ please advise how to fix this? I
>>> don't quite understand why it doesn't work.
>>
>>
>> It means the code calling this ssprintf() macro is passing a variable,
>> instead of a literal string. This is potentially unsafe as the compiler
>> can't validate that the string data in this variable contains format
>> arguments that are compatible with the __VA_ARGS__ passed at the same
>> time.  This is quite commonly hit when people do not actually have any
>> variadic args at all, and just want to print out the string variable
>> as-is with no interpolation. The fix is usually to add a plain "%s"
>> format arg.
>>
>> eg if you have a variable 'char *somemsg' which contains the data
>> to print and you're calling ssprintf(somemsg), then you would want
>> to change it to ssprintf("%s", somemsg).  This avoids any danger if
>> 'somemsg' could itself potentially contain % format specifiers
>
>
> Looks like it's coming from here:
> https://github.com/Warzone2100/warzone2100/blob/master/src/frontend.cpp#L381
>
> So the fix would be:
>
>  ssprintf(hackList[i], "%s", list[i].name.toUtf8().constData());

Yep, that's it, I didn't realize that.

My thanks to everyone!
-- 
Jan Synacek
Software Engineer, Red Hat
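
Added example, not part of the thread or of the Warzone2100 sources: the `ssprintf` macro from the error message, called once with the data as the format string and once with the `"%s"` fix discussed above. The function names and the sample name are constructed for illustration; the sample uses only `%%`, which is well defined without arguments.

```cpp
#include <cstdio>
#include <string>

// Macro as quoted in the compiler error (lib/framework/string_ext.h).
// sizeof(dest) only works when dest is a real array, not a pointer.
#define ssprintf(dest, ...) snprintf((dest), sizeof(dest), __VA_ARGS__)

// Constructed sample input: a name that happens to contain "%%".
static const char *const kSampleName = "bonus 100%% pack";

// 'Before': the variable is handed to snprintf as the format string, so
// printf-style processing is applied to the data itself. This is the call
// shape -Werror=format-security rejects; the pragma lets the demo build.
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
std::string copy_as_format(const char *name) {
    char buf[64];
    ssprintf(buf, name);        // expands to snprintf(buf, 64, name)
    return buf;
}
#pragma GCC diagnostic pop

// 'After': the format is a literal the compiler can check, and the
// variable is passed purely as data.
std::string copy_as_data(const char *name) {
    char buf[64];
    ssprintf(buf, "%s", name);  // expands to snprintf(buf, 64, "%s", name)
    return buf;
}

int main() {
    std::printf("as format: %s\n", copy_as_format(kSampleName).c_str());
    std::printf("as data:   %s\n", copy_as_data(kSampleName).c_str());
    return 0;
}
```

The two results differ for the same input, which is the behaviour change the warning is guarding against; a specifier that consumes an argument would instead read arguments that were never passed.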