On 2006-09-19, Linus Torvalds <torvalds@xxxxxxxx> wrote:
> Too bad that we can't get gcc to warn on these things. We do mark it as
> "format(printf)", but I don't know of any way to tell gcc that it _has_ to
> have that initial constant string.

Not sure if it is just a gcc 4.x-ism, but -Wformat-nonliteral or
-Wformat-security might be what you are looking for.

`-Wformat-nonliteral'
     If `-Wformat' is specified, also warn if the format string is not a
     string literal and so cannot be checked, unless the format function
     takes its format arguments as a `va_list'.

`-Wformat-security'
     If `-Wformat' is specified, also warn about uses of format
     functions that represent possible security problems.  At present,
     this warns about calls to `printf' and `scanf' functions where the
     format string is not a string literal and there are no format
     arguments, as in `printf (foo);'.  This may be a security hole if
     the format string came from untrusted input and contains `%n'.
     (This is currently a subset of what `-Wformat-nonliteral' warns
     about, but in future warnings may be added to `-Wformat-security'
     that are not included in `-Wformat-nonliteral'.)

phil
-- 
change name before "@" to "phil" for email
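The following is an added example, not code from this thread or from git: a wrapper marked format(printf) with the literal-format call next to the non-literal call that the quoted options diagnose. The names log_line, log_msg_safe, log_msg_flawed and the SHOW_WARNING macro are hypothetical, and the sample string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper. The attribute says parameter 3 is a printf-style
 * format and the variadic arguments start at parameter 4, which lets
 * -Wformat check every call site. */
__attribute__((format(printf, 3, 4)))
static int log_line(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* Literal format: msg is only data, so any '%' in it is copied verbatim. */
static int log_msg_safe(char *out, size_t outsz, const char *msg)
{
    return log_line(out, outsz, "%s", msg);
}

#ifdef SHOW_WARNING
/* Non-literal format with no format arguments: msg itself is parsed for
 * conversion directives. Compiled only on request so the diagnostic from
 * -Wformat -Wformat-security (or -Wformat-nonliteral) can be seen. */
static int log_msg_flawed(char *out, size_t outsz, const char *msg)
{
    return log_line(out, outsz, msg);
}
#endif

/* Constructed sample: message text that contains conversion directives. */
static const char sample[] = "rate 100%s %n done";

int main(void)
{
    char buf[64];

    log_msg_safe(buf, sizeof buf, sample);
    puts(buf);
    return 0;
}
```

Building with -Wformat -Wformat-security and -DSHOW_WARNING makes gcc flag the call inside log_msg_flawed; the call in log_msg_safe is accepted because its format is a string literal.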