Michael Tokarev wrote:

> If I were upstream I'd reject this approach.

Oh, sorry for the lack of clarity. I'm personally fine with leaving these warnings unaddressed. (Debian doesn't use busybox's selinux support as far as I can tell.) My only goal was to convey that there are at least three options:

 - annotating calls where the argument happens not to contain a % sign, in a safe way so that the program is not broken if that assumption stops holding. When using printf-like functions in C, this is spelled as f("%s", str).
 - using an alternative function for the unformatted case
 - making bb_msg_* into string literals

You've mentioned that you don't like the first of those three options, and that interested people should pursue this directly with upstream. Sounds reasonable to me.

[...]
> The stat -Z case is a real bug however, and should be fixed
> separately. But this is - IMHO - a different story.

It's the same story. The way to prevent the same problem from happening again is to occasionally look through the warnings -Wformat-security emits, something people are much more likely to do if there are not many of them.

Thanks,
Jonathan

Archive: http://lists.debian.org/20120514193445.GB13335@burratino
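The first two options listed in the message above, as an added example that is not part of the original e-mail or of busybox's code: `msg_fmt`, `msg_str` and `sample_label` are hypothetical names, and the label text is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-like reporter standing in for a variadic message
 * function. The format attribute lets gcc/clang check its callers,
 * which is what makes -Wformat-security fire on non-literal formats. */
__attribute__((format(printf, 3, 4)))
static int msg_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Option 2: a separate entry point for the unformatted case, so callers
 * never pass their text in the format position. */
static int msg_str(char *out, size_t n, const char *s)
{
    return msg_fmt(out, n, "%s", s);
}

/* Constructed sample: text that is not a string literal at the call
 * site and happens to contain conversion specifiers. */
static const char *sample_label(void)
{
    return "progress 100%s%n";
}

int main(void)
{
    char buf[64];
    const char *label = sample_label();

    /* msg_fmt(buf, sizeof buf, label);   <- the call -Wformat-security
     * warns about: with this label it would consume arguments that were
     * never passed and reach %n, which is undefined behaviour. */

    msg_fmt(buf, sizeof buf, "%s", label);   /* option 1: f("%s", str) */
    printf("option 1: %s\n", buf);

    msg_str(buf, sizeof buf, label);         /* option 2 */
    printf("option 2: %s\n", buf);
    return 0;
}
```

Building with `-Wformat -Wformat-security` and uncommenting the marked call shows the warning the thread is about; the two live calls compile without it.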