From patchwork Fri Jan 15 20:07:30 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jakub Jelinek X-Patchwork-Id: 568423 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 7238E140662 for ; Sat, 16 Jan 2016 07:07:46 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b=n3Lbg1AK; dkim-atps=neutral DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:subject:message-id:reply-to:mime-version:content-type :content-transfer-encoding; q=dns; s=default; b=I7qZiJnvBz21EYiF M4eMwXQtNwDjEAW5+tfXyzPSwnAi9Yl4SeqN0jr+NB3sKzton3sQoS91fExuVLl6 zhZvbV6KfCIgP040vzMB76kMzvHM7hjEFArDs53B1Csc3xmsSOthsXznm41dhIOM t7iCNHO+2GR9wWKixsm2Lnf3TwM= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:subject:message-id:reply-to:mime-version:content-type :content-transfer-encoding; s=default; bh=cnGXhEwEf7YMzBkDpI5Al7 e+iOI=; b=n3Lbg1AKEf55aRorf4gMR7H+6GaKgzYNci/1EYbfXzH50RzoSlFtI+ 7ujngMlFVmckSEgeYKJGodwvDJhEQyC+J6uE8muuQMM+VkN/9TzsRwZZpD403bwv U3ivLN2urIqpRUiWsXShZLiS4y3LCUPnukC3kJnwrg3cI/GaGPIOw= Received: (qmail 5778 invoked by alias); 15 Jan 2016 20:07:37 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 5754 invoked by uid 89); 15 Jan 2016 20:07:37 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: =?ISO-8859-1?Q?No, score=-1.9 required=5.0 tests=BAYES_00, RP_MATCHES_RCVD, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=8:=c3=a7, 8:an, 8:er, our?= X-Spam-User: qpsmtpd, 2 recipients X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Fri, 15 Jan 2016 20:07:36 +0000 Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by mx1.redhat.com (Postfix) with ESMTPS id 19CD142E5DD; Fri, 15 Jan 2016 20:07:35 +0000 (UTC) Received: from tucnak.zalov.cz ([10.3.113.11]) by int-mx13.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u0FK7XpB020410 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 15 Jan 2016 15:07:34 -0500 Received: from tucnak.zalov.cz (localhost [127.0.0.1]) by tucnak.zalov.cz (8.15.2/8.15.2) with ESMTP id u0FK7VZS023603; Fri, 15 Jan 2016 21:07:32 +0100 Received: (from jakub@localhost) by tucnak.zalov.cz (8.15.2/8.15.2/Submit) id u0FK7UHh022871; Fri, 15 Jan 2016 21:07:30 +0100 Date: Fri, 15 Jan 2016 21:07:30 +0100 From: Jakub Jelinek To: fortran@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: [PATCH] Fix -Wformat-security warning in libgfortran Message-ID: <20160115200730.GF3017@tucnak.redhat.com> Reply-To: Jakub Jelinek MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.24 (2015-08-30) X-IsSubscribed: yes Hi! In our gcc package build, libgfortran is built with -Werror=format-security and errors on this file. While it is a false positive, because cmdmsg_values[i] for any valid i don't contain % characters, IMNSHO it is better to use "%s", msg anyway to make it clear that msg should not be interpretted as format string. Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? 2016-01-15 Jakub Jelinek * intrinsics/execute_command_line.c (set_cmdstat): Use "%s", msg instead of msg to avoid -Wformat-security warning. Jakub --- libgfortran/intrinsics/execute_command_line.c.jj 2016-01-04 15:14:11.000000000 +0100 +++ libgfortran/intrinsics/execute_command_line.c 2016-01-15 14:47:32.132158422 +0100 @@ -1,6 +1,6 @@ /* Implementation of the EXECUTE_COMMAND_LINE intrinsic. Copyright (C) 2009-2016 Free Software Foundation, Inc. - Contributed by François-Xavier Coudert. + Contributed by François-Xavier Coudert. This file is part of the GNU Fortran runtime library (libgfortran). @@ -55,7 +55,7 @@ set_cmdstat (int *cmdstat, int value) #define MSGLEN 200 char msg[MSGLEN] = "EXECUTE_COMMAND_LINE: "; strncat (msg, cmdmsg_values[value], MSGLEN - strlen(msg) - 1); - runtime_error (msg); + runtime_error ("%s", msg); } }