| From: | Gregory Stark <stark(at)enterprisedb(dot)com> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Alan Li <alanwli(at)gmail(dot)com> |
| Subject: | Re: Fixes for compiler warnings |
| Date: | 2009-01-18 01:12:36 |
| Message-ID: | 87k58tct8b.fsf@oxford.xeocode.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> You apparently have your compiler configured with -Wformat-security. Our code
> doesn't do that. I think the cases the warning complains about are fine and
> the way the warning is designed is a bit bogus.
Hm, only a bit. You know, we've had precisely this bug at least once not that
long ago. And the way the warning is designed it won't fire any false
positives except in cases that are easily avoided.
There's an argument to be made that the code is easier to audit if you put the
"%s" format string in explicitly too. Even if the current code is correct you
have to trace the variable back up to its source to be sure. If you add the
escape then you can see that the code is safe just from that line of code
alone.
--
Gregory Stark
EnterpriseDB http://www.enterprisedb.com
Ask me about EnterpriseDB's Slony Replication support!
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Chernow | 2009-01-18 02:27:18 | VARSIZE - why omit VARLEN? |
| Previous Message | Peter Eisentraut | 2009-01-17 23:34:09 | Re: Fixes for compiler warnings |