Santiago Vila | 6 May 2012 14:06

Building m4 with hardened flags

Hello.

When trying to build m4 using hardened flags, I found a test that fails:

source='test-xvasprintf.c' object='test-xvasprintf.o' libtool=no
gcc -std=gnu99  -I. -I../lib  -DIN_M4_GNULIB_TESTS=1 -I. -I. -I.. -I./.. -I../lib -I./../lib
-D_FORTIFY_SOURCE=2  -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Wformat-security -Werror=format-security -c test-xvasprintf.c
test-xvasprintf.c: In function 'test_xasprintf':
test-xvasprintf.c:98:5: error: format not a string literal and no format arguments [-Werror=format-security]
cc1: some warnings being treated as errors
make[6]: *** [test-xvasprintf.o] Error 1

This is the code which fails:

  {
    /* Silence gcc warning about zero-length format string.  */
    const char *empty = "";
    result = xasprintf (empty);
    ASSERT (result != NULL);
    ASSERT (strcmp (result, "") == 0);
    free (result);
  }

Every other test seems to be ok.

What would you recommend? Should I just disable this code and keep "-Werror=format-security"?
Or maybe there is a bug somewhere?

Thanks.

Eric Blake | 7 May 2012 14:50

Re: Building m4 with hardened flags

On 05/06/2012 06:06 AM, Santiago Vila wrote:
> Hello.
> 
> When trying to build m4 using hardened flags, I found a test that fails:
> 
> source='test-xvasprintf.c' object='test-xvasprintf.o' libtool=no
> gcc -std=gnu99  -I. -I../lib  -DIN_M4_GNULIB_TESTS=1 -I. -I. -I.. -I./.. -I../lib -I./../lib
> -D_FORTIFY_SOURCE=2  -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
> -Wformat-security -Werror=format-security -c test-xvasprintf.c
> test-xvasprintf.c: In function 'test_xasprintf':
> test-xvasprintf.c:98:5: error: format not a string literal and no format arguments [-Werror=format-security]
> cc1: some warnings being treated as errors
> make[6]: *** [test-xvasprintf.o] Error 1
> 
> This is the code which fails:
> 
>   {
>     /* Silence gcc warning about zero-length format string.  */
>     const char *empty = "";
>     result = xasprintf (empty);
>     ASSERT (result != NULL);
>     ASSERT (strcmp (result, "") == 0);
>     free (result);
>   }
> 
> Every other test seems to be ok.
> 
> What would you recommend? Should I just disable this code and keep "-Werror=format-security"?
> Or maybe there is a bug somewhere?


Santiago Vila | 7 May 2012 16:33

Re: Building m4 with hardened flags

On Mon, 7 May 2012, Eric Blake wrote:

> On 05/06/2012 06:06 AM, Santiago Vila wrote:
> > Every other test seems to be ok.
> > 
> > What would you recommend? Should I just disable this code and keep
> > "-Werror=format-security"?  Or maybe there is a bug somewhere?
> 
> This is no bug, but a result of you trying to use more compiler flags
> than the unit test was designed for.  This issue was already raised on
> the gnulib list (the owner of the unit test in question), and the
> decision was to do nothing:
> https://lists.gnu.org/archive/html/bug-gnulib/2012-04/msg00016.html

Ok, I agree with that, so I've disabled format string checking.

Thanks a lot.
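
The diagnostic discussed in this thread, as an added example that is not code from the thread, m4 or gnulib: -Wformat-security objects to the shape of the call (a non-literal format with no arguments), whatever the string holds, and the two shapes differ at run time as soon as the string contains a '%'. The names fmt_alloc (a stand-in for xasprintf), as_data and as_format are hypothetical, and confining the exception with a diagnostic pragma is an assumption shown here as an alternative to dropping the flag for the whole build.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for xasprintf: format into freshly allocated memory.
   The format attribute makes gcc check callers the way it checks printf. */
__attribute__ ((format (printf, 1, 2)))
static char *fmt_alloc (const char *format, ...)
{
  va_list ap;
  va_start (ap, format);
  int n = vsnprintf (NULL, 0, format, ap);   /* first pass: measure */
  va_end (ap);
  if (n < 0)
    return NULL;
  char *buf = malloc ((size_t) n + 1);
  if (buf == NULL)
    return NULL;
  va_start (ap, format);
  vsnprintf (buf, (size_t) n + 1, format, ap);   /* second pass: write */
  va_end (ap);
  return buf;
}

/* Accepted under -Werror=format-security: literal format, string as data. */
static char *as_data (const char *s)
{
  return fmt_alloc ("%s", s);
}

/* The flagged shape, kept on purpose (as a unit test of the empty format
   would need) with the warning silenced for this one function only. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
static char *as_format (const char *s)
{
  return fmt_alloc (s);
}
#pragma GCC diagnostic pop

int main (void)
{
  /* Constructed inputs: "100%%" is copied verbatim as data, but collapses
     to "100%" when interpreted as a format; "" is the thread's test case. */
  char *a = as_data ("100%%"), *b = as_format ("100%%"), *c = as_format ("");
  printf ("[%s] [%s] [%s]\n", a, b, c);
  free (a); free (b); free (c);
  return 0;
}
```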

