[Bug c/39044] -Wformat warns on printf() with stringpointer as sole argument

bugdal at aerifal dot cx Sat, 05 May 2012 21:23:42 -0700

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=39044


Rich Felker <bugdal at aerifal dot cx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bugdal at aerifal dot cx

--- Comment #5 from Rich Felker <bugdal at aerifal dot cx> 2012-05-06 04:23:14 
UTC ---
This warning is valid and highly desirable. Any call to printf with a single
non-string-literal argument is almost surely an extremely serious security bug.
And there's rarely a legitimate reason to make such a call; the closest thing
to a legitimate use I can think of would be lazy/sloppy use of gettext. If the
string is not a format string, you should use fputs or fwrite to print it.

[Bug c/39044] -Wformat warns on printf() with stringpointer as sole argument

Reply via email to