Re: Fixes for compiler warnings

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Gregory Stark <stark(at)enterprisedb(dot)com>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Alan Li <alanwli(at)gmail(dot)com>
Subject: Re: Fixes for compiler warnings
Date: 2009-01-18 06:28:51
Message-ID: 23977.1232260131@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Gregory Stark <stark(at)enterprisedb(dot)com> writes:
> There's an argument to be made that the code is easier to audit if you put the
> "%s" format string in explicitly too.

Yeah, the risk this is trying to guard against is variables containing
"%" unexpectedly. Even if that's not possible, it requires some work
to verify and it's a bit fragile. I didn't look at the specific cases
yet but in general I think this is a good policy.

One thing to watch out for is that the intention may have been to allow
the strings to be translated.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message alanwli 2009-01-18 07:05:53 Re: Fixes for compiler warnings
Previous Message Tom Lane 2009-01-18 06:24:47 Re: Statement-level triggers and inheritance