Re: [PATCH 2/2] avoid using sha1_to_hex output as printf format

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jeff King <peff@xxxxxxxx> writes:

> On Fri, Jul 08, 2016 at 05:25:26AM -0400, Jeff King wrote:
>
>> diff --git a/commit.c b/commit.c
>> index 3f4f371..9603379 100644
>> --- a/commit.c
>> +++ b/commit.c
>> @@ -1623,7 +1623,7 @@ void print_commit_list(struct commit_list *list,
>>  {
>>  	for ( ; list; list = list->next) {
>>  		const char *format = list->next ? format_cur : format_last;
>> -		printf(format, oid_to_hex(&list->item->object.oid));
>> +		printf(format, "%s", oid_to_hex(&list->item->object.oid));
>
> Urgh, this second hunk is clearly bogus. This is a -Wformat-nonliteral
> problem, but not because of oid_to_hex(), but rather because of
> "format". :-/
>
> Here's a corrected patch. But as this has demonstrated the dangers of
> churn, and as it doesn't really get us meaningfully closer to being able
> to use -Wformat-nonliteral, perhaps the best course of action is to just
> drop it (I do think the "walker_say" patch has more inherent value as a
> cleanup, though).

Hmm.  While both do look correct, and it is a no-brainer to take
this (corrected) patch, I am not sure how much we care about walkers
these days.

As to the hunk to commit.c that was dropped in this round, the only
caller of print_commit_list() is bisect.c, and it passes "%s\n" to
format_cur and format_last, it seems, so that suggests a more
obvious direction for cleaning things up, I would say.

> -- >8 --
> Subject: [PATCH] avoid using sha1_to_hex output as printf format
>
> We know that it should not contain any percent-signs, but
> it's a good habit not to feed non-literals to printf
> formatters.
>
> Signed-off-by: Jeff King <peff@xxxxxxxx>
> ---
>  builtin/worktree.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/builtin/worktree.c b/builtin/worktree.c
> index e866844..cce555c 100644
> --- a/builtin/worktree.c
> +++ b/builtin/worktree.c
> @@ -262,7 +262,7 @@ static int add_worktree(const char *path, const char *refname,
>  	 */
>  	strbuf_reset(&sb);
>  	strbuf_addf(&sb, "%s/HEAD", sb_repo.buf);
> -	write_file(sb.buf, sha1_to_hex(null_sha1));
> +	write_file(sb.buf, "%s", sha1_to_hex(null_sha1));
>  	strbuf_reset(&sb);
>  	strbuf_addf(&sb, "%s/commondir", sb_repo.buf);
>  	write_file(sb.buf, "../..");
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]