On Fri, 2017-11-24 at 16:48 +0200, Luiz Augusto von Dentz wrote: > Hi Bastien, > > On Fri, Nov 24, 2017 at 4:06 PM, Bastien Nocera <hadess@xxxxxxxxxx> > wrote: > > On Thu, 2017-11-02 at 15:09 +0100, Bastien Nocera wrote: > > > obexd/plugins/bluetooth.c: In function 'register_profile': > > > obexd/plugins/bluetooth.c:310:7: error: format not a string > > > literal, > > > argument types not checked [-Werror=format-nonliteral] > > > profile->driver->port); > > > ^~~~~~~ > > > obexd/plugins/bluetooth.c:314:7: error: format not a string > > > literal, > > > argument types not checked [-Werror=format-nonliteral] > > > profile->driver->name); > > > ^~~~~~~ > > > > > > And so does this one. > > I really hope we can avoid GCC specific pragmas, I'm pretty sure it just won't do anything with other compilers. > there got to be a > better way avoid this error A lot of code refactoring. > or just disable > -Werror=format-nonliteral, actually is that our error or > g_markup_printf_escaped? It's the g_markup_printf_escaped() usage that incorrect. The first argument of printf-style functions are supposed to be literals, otherwise the compiler doesn't know whether the arguments passed match the format. It's a potential security bug, depending on where the format comes from, and how it's generated. Removing the warning/error doesn't remove the bug, it just hides it. And so does this patch. I don't know the codebase enough to refactor it. Cheers -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
