Re: [PATCH v2 6/6] submodule--helper: introduce new update-module-mode helper

> diff --git a/builtin/submodule--helper.c b/builtin/submodule--helper.c
> index 034ba1bb2e0..d4cb7c72e33 100644
> --- a/builtin/submodule--helper.c
> +++ b/builtin/submodule--helper.c


> +static int module_update_module_mode(int argc, const char **argv, const char *prefix)
> +{
> +	const char *path, *update = NULL;
> +	int just_cloned;
> +	struct submodule_update_strategy update_strategy = { .type = SM_UPDATE_CHECKOUT };
> +
> +	if (argc < 3 || argc > 4)
> +		die("submodule--helper update-module-clone expects <just-cloned> <path> [<update>]");
> +
> +	just_cloned = git_config_int("just_cloned", argv[1]);
> +	path = argv[2];
> +
> +	if (argc == 4)
> +		update = argv[3];
> +
> +	determine_submodule_update_strategy(the_repository,
> +					    just_cloned, path, update,
> +					    &update_strategy);
> +	fprintf(stdout, submodule_strategy_to_string(&update_strategy));

Various compilers warn about the potential insecurity of the above
call:

      CC builtin/submodule--helper.o
  builtin/submodule--helper.c: In function ‘module_update_module_mode’:
  builtin/submodule--helper.c:1502:2: error: format not a string literal and no format arguments [-Werror=format-security]
    fprintf(stdout, submodule_strategy_to_string(&update_strategy));
    ^
  cc1: all warnings being treated as errors
  Makefile:2261: recipe for target 'builtin/submodule--helper.o' failed
  make: *** [builtin/submodule--helper.o] Error 1

I think it should either use an explicit format string:

  fprintf(stdout, "%s", submodule_strategy_to_string(&update_strategy));

or, perhaps better yet, simply use fputs().


> +
> +	return 0;
> +}
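
Review bot: The usage string passed to die() in module_update_module_mode() names the wrong subcommand: it reads "submodule--helper update-module-clone expects ..." while the function and the patch subject are both update-module-mode. Change the message to say update-module-mode, so that a wrong argument count points the caller at the right helper. Separately, just_cloned is parsed from argv[1] with git_config_int("just_cloned", argv[1]), which is a config-value parser. Check that its failure message still reads sensibly for a malformed command-line argument, or parse the argument directly and report it as a usage error.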


