[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <56e1b5710902040628w5ceb36f5kdb1f433087355f80@mail.gmail.com>
Date: Wed, 4 Feb 2009 15:28:47 +0100
From: Floris Kraak <randakar@...il.com>
To: Sam Ravnborg <sam@...nborg.org>
Cc: Alan Cox <alan@...rguk.ukuu.org.uk>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Trivial Patch Monkey <trivial@...nel.org>
Subject: [PATCH] Kbuild: Disable the -Wformat-security gcc flag
Some distributions have enabled the gcc flag -Wformat-security by default.*
This results in a number of warnings about format arguments to
functions, sometimes in cases where fixing the warning is not likely
to actually fix a bug.
Instead of hand patching a dozens of places (possibly more) that
produce warnings that get ignored anyway we just turn off the flag in
the Makefile.
Note: Regardless of any discussion surrounding the value of this
particular type of warning, having this show up in a few distributions
but not in the
vast majority of them means that this warning won't be seen by most of
the developers who introduce the new warnings in the first place. If
the
kernel decides it cares about format arguments it should do so
globally regardless of distribution. In which case I'd gladly whip up
a patch to do
the reverse thing and turn this thing on by default. However, such a
patch would have to produce a follow up patch(set) which fixes each
individual
warning.
See also:
http://kerneltrap.org/mailarchive/linux-kernel/2008/11/20/4215134
*) The ubuntu manpage for gcc states:
-Wformat-security
If -Wformat is specified, also warn about uses of format
functions that represent possible security problems. At present, this
warns about
calls to "printf" and "scanf" functions where the format
string is not a string literal and there are no format arguments, as
in "printf
(foo);". This may be a security hole if the format string
came from untrusted input and contains %n. (This is currently a
subset of what
-Wformat-nonliteral warns about, but in future warnings may
be added to -Wformat-security that are not included in
-Wformat-nonliteral.)
NOTE: In Ubuntu 8.10 and later versions this option is
enabled by default for C, C++, ObjC, ObjC++. To disable, use
-Wno-format-security, or
disable all format warnings with -Wformat=0. To make format
security warnings fatal, specify -Werror=format-security.
Signed-off-by: Floris Kraak <randakar@...il.com>
---
diff --git a/Makefile b/Makefile
index 7715b2c..9ee766c 100644
--- a/Makefile
+++ b/Makefile
@@ -346,7 +346,8 @@ KBUILD_CPPFLAGS := -D__KERNEL__
KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \
-fno-strict-aliasing -fno-common \
- -Werror-implicit-function-declaration
+ -Werror-implicit-function-declaration \
+ -Wno-format-security
KBUILD_AFLAGS := -D__ASSEMBLY__
# Read KERNELRELEASE from include/config/kernel.release (if it exists)
---
"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety."
-- Ben Franklin
"The course of history shows that as a government grows, liberty
decreases."
-- Thomas Jefferson
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists