lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon,  9 May 2022 06:54:44 +0000
From:   Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>
To:     Ammar Faizi <ammarfaizi2@...weeb.org>
Cc:     GNU/Weeb Mailing List <gwml@...r.gnuweeb.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>
Subject: [PATCH 0/1] Add format attribute to enable printf warnings

Hi Ammar,

When we use printf and fprintf functions from nolibc, we don't get any
warning from the compiler if we have wrong arguments, for example the
following calls will compile silently:
```
  printf("%s %s\n", "aaa");
  fprintf(stdout, "%s %s\n", "xxx", 1);
```
Those calls are undefined behavior. We can catch it at compile time by
adding format attribute to those function declarations. After this
patch, we get the following warnings:
```
  warning: format `%s` expects a matching `char *` argument [-Wformat=]
  warning: format `%s` expects argument of type `char *`, but argument 4 has type `int` [-Wformat=]
```

Signed-off-by: Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>
---

Alviro Iskandar Setiawan (1):
  tools/nolibc/stdio: Add format attribute to enable printf warnings

 tools/include/nolibc/stdio.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


base-commit: 2fbaf4ddb5e2f64a565247683093b869b5b3f792
prerequisite-patch-id: 1bcffd448f6984eee80d86560af19672cd4ae716
prerequisite-patch-id: 3e31c80bd4dd532e30b4bba76e5d98647e21184b
prerequisite-patch-id: 34e531967a67791d5b3c3e071527de7235715906
prerequisite-patch-id: 14105c6ae9dcc068ddf12a7c1bf431066199b813
prerequisite-patch-id: 4299173943ea579f538da00488fb1a7b1a690a79
prerequisite-patch-id: dd85164f2ec9eb8cea64ab801abac614f9d0c8f5
prerequisite-patch-id: 2c1b940635d1564e26b9959eb57cf9fa6983cb2f
prerequisite-patch-id: 8b1b453d855c9b8081353ffbddd03f6cfcfa2ab6
-- 
Alviro Iskandar Setiawan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ