Anonymous Login
2018-07-19 04:03 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0001992OpenClonkEnginepublic2018-02-17 12:00
Reporterpkern 
Assigned ToLuchs 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformDebian GNU/Linux testing/sidOSLinuxOS Version 
Product Version8.0 
Target Version8.1Fixed in Version8.1 
Summary0001992: OpenClonk 8.0 does not compile with -Werror=format-security
Description-Werror=format-security is the default on Debian to guard against format string bugs. Unfortunately this means that people trying to implement their own printf break compilation. In this case at least C4AulCompiler.cpp fails to compile:

[...]
template<class... T>
static C4AulParseError Error(const C4ScriptHost *target_host, const C4ScriptHost *host, const char *SPos, const C4AulScriptFunc *func, const char *msg, T &&...args)
{
        std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg;
[...]

[...]/src/script/C4AulCompiler.cpp:101:52: error: format not a string literal and no format arguments [-Werror=format-security]
  std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg;
                                           ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Same for Warn(). I quickly tried a format printf annotation but even that did not resolve the issue, as the argument passed into strprintf was not recognized as a string literal, which sort of makes sense. It would probably be fine to just filter it out, but then the filtering should likely be confined to the compilation unit that fails with it rather than all of them.
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0006124

Luchs (administrator)

There's already some discussion about this on github [1][2].

There was one legitimate case of -Wformat-security which I fixed in [3]. I consider the remaining two cases to be a bug in GCC as they're in code which is never executed (and likely thrown out before code generation).

We should probably just disable -Wformat-security for C4AulCompiler.cpp until GCC can handle it properly in templated code like this.

@Maikel: Please cherry-pick commit [3] before releasing 8.1 (I can't do it before next (next) week).

[1]: https://github.com/openclonk/openclonk/issues/64
[2]: https://github.com/openclonk/openclonk/pull/65
[3]: https://github.com/openclonk/openclonk/commit/08edf3bb583f55cf5bf7ba1050ba86632f02a6e0

~0006139

occ (reporter)

Hi! There's been a check-in that references this bug. For more information you can visit the repository browser at this address:
https://git.openclonk.org/openclonk.git/commitdiff/334c57f2968263276ae12d69c262111a6d53ade2

Changeset 334c57f by Lukas Werling <lukas.werling@gmail.com>
Disable -Wformat-security in parts of C4AulCompiler (0001992, GH-64)

+Notes

-Issue History
Date Modified Username Field Change
2018-02-10 17:40 pkern New Issue
2018-02-10 22:06 Maikel Target Version => 8.1
2018-02-11 15:41 Luchs Note Added: 0006124
2018-02-11 15:42 Luchs Assigned To => Luchs
2018-02-11 15:42 Luchs Status new => acknowledged
2018-02-17 11:59 occ Note Added: 0006139
2018-02-17 12:00 Luchs Status acknowledged => resolved
2018-02-17 12:00 Luchs Resolution open => fixed
2018-02-17 12:00 Luchs Fixed in Version => 8.1
+Issue History