On Fri, Aug 13, 2010 at 06:03:30PM -0500, Chris said: > While building this I noticed the below: > > unzip.c: In function 'unz': > unzip.c:155: warning: format '%lu' expects type 'long unsigned int', but > argument 2 has type 'unsigned int' > unzip.c:199: warning: format '%lu' expects type 'long unsigned int', but > argument 2 has type 'unsigned int' > unzip.c:236: warning: format '%lu' expects type 'long unsigned int', but > argument 2 has type 'unsigned int'
I'm sort of getting to be of the opinion that when writing portable code, it might be nicer to always say uint32 and so on, or size_t, or whatever, so that you don't then have to resort to casts all over the place. I haven't looked at these chunks of code, so I dunno in this particular case. > pdf.c: In function 'pdf_extract_obj': > pdf.c:607: warning: format '%ld' expects type 'long int', but argument 3 > has type 'size_t' > pdf.c:613: warning: format '%ld' expects type 'long int', but argument 4 > has type 'size_t' Should use %zd. > regex_list.c: In function 'get_char_at_pos_with_skip': > regex_list.c:89: warning: format '%lu' expects type 'long unsigned int', > but argument 2 has type 'size_t' > regex_list.c:89: warning: format '%lu' expects type 'long unsigned int', > but argument 3 has type 'size_t' > regex_list.c:89: warning: format '%lu' expects type 'long unsigned int', > but argument 4 has type 'size_t' Same, %zd. > mspack.c: In function 'lzx_decompress': > mspack.c:1452: warning: format '%ld' expects type 'long int', but > argument 2 has type 'int' Dunno about this case, again. > hashtab.c: In function 'cli_hashtab_grow': > hashtab.c:249: warning: format '%lu' expects type 'long unsigned int', > but argument 2 has type 'size_t' > hashtab.c:285: warning: format '%ld' expects type 'long int', but > argument 3 has type 'size_t' > hashtab.c: In function 'cli_hashtab_insert': > hashtab.c:299: warning: format '%ld' expects type 'long int', but > argument 3 has type 'size_t' > hashtab.c:346: warning: format '%ld' expects type 'long int', but > argument 3 has type 'size_t' > hashtab.c: In function 'cli_hashtab_generate_c': > hashtab.c:407: warning: format '%ld' expects type 'long int', but > argument 4 has type 'size_t' > hashtab.c:411: warning: format '%ld' expects type 'long int', but > argument 3 has type 'size_t' > hashtab.c:411: warning: format '%ld' expects type 'long int', but > argument 4 has type 'size_t' > hashtab.c:411: warning: format '%ld' expects type 'long int', but > argument 5 has type 'size_t' Again, %zd. > jsparse/js-norm.c: In function 'replace_token_range': > jsparse/js-norm.c:527: warning: format '%lu' expects type 'long unsigned > int', but argument 2 has type 'size_t' > jsparse/js-norm.c:527: warning: format '%lu' expects type 'long unsigned > int', but argument 3 has type 'size_t' > jsparse/js-norm.c:527: warning: format '%lu' expects type 'long unsigned > int', but argument 4 has type 'size_t' > jsparse/js-norm.c: In function 'append_tokens': > jsparse/js-norm.c:549: warning: format '%lu' expects type 'long unsigned > int', but argument 2 has type 'size_t Again, %zd. > bytecode_api.c: In function 'cli_bcapi_get_environment': > bytecode_api.c:1223: warning: format '%lu' expects type 'long unsigned > int', but argument 3 has type 'unsigned int' Dunno about this case again. > server-th.c: In function 'handle_stream': > server-th.c:677: warning: format '%lu' expects type 'long unsigned int', > but argument 2 has type 'size_t' > > sigtool.c: In function 'getdsig': > sigtool.c:385: warning: format '%lu' expects type 'long unsigned int', > but argument 2 has type 'size_t' Again, %zd. > The build finished with no errors though. Are the above warnings a > problem? They should be fine. Format string vulnerabilities are a real issue, but in this case it looks like a cast or a declaration problem, rather than a real mismatch in size. Cheers, -- -------------------------------------------------------------------------- | Stephen Gran | No, his mind is not for rent To any god | | st...@lobefin.net | or government. Always hopeful, yet | | http://www.lobefin.net/~steve | discontent, He knows changes aren't | | | permanent - But change is. | --------------------------------------------------------------------------
signature.asc
Description: Digital signature
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
