View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
---|---|---|---|---|---|---|---|---|---|
0001992 | OpenClonk | Engine | public | 2018-02-10 17:40 | 2018-02-17 12:00 | ||||
Reporter | pkern | ||||||||
Assigned To | Luchs | ||||||||
Priority | normal | Severity | major | Reproducibility | always | ||||
Status | resolved | Resolution | fixed | ||||||
Platform | Debian GNU/Linux testing/sid | OS | Linux | OS Version | |||||
Product Version | 8.0 | ||||||||
Target Version | 8.1 | Fixed in Version | 8.1 | ||||||
Summary | 0001992: OpenClonk 8.0 does not compile with -Werror=format-security | ||||||||
Description | -Werror=format-security is the default on Debian to guard against format string bugs. Unfortunately this means that people trying to implement their own printf break compilation. In this case at least C4AulCompiler.cpp fails to compile: [...] template<class... T> static C4AulParseError Error(const C4ScriptHost *target_host, const C4ScriptHost *host, const char *SPos, const C4AulScriptFunc *func, const char *msg, T &&...args) { std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg; [...] [...]/src/script/C4AulCompiler.cpp:101:52: error: format not a string literal and no format arguments [-Werror=format-security] std::string message = sizeof...(T) > 0 ? strprintf(msg, std::forward<T>(args)...) : msg; ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Same for Warn(). I quickly tried a format printf annotation but even that did not resolve the issue, as the argument passed into strprintf was not recognized as a string literal, which sort of makes sense. It would probably be fine to just filter it out, but then the filtering should likely be confined to the compilation unit that fails with it rather than all of them. | ||||||||
Tags | No tags attached. | ||||||||
Attached Files |
|
![]() |
|
Luchs (administrator) 2018-02-11 15:41 |
There's already some discussion about this on github [1][2]. There was one legitimate case of -Wformat-security which I fixed in [3]. I consider the remaining two cases to be a bug in GCC as they're in code which is never executed (and likely thrown out before code generation). We should probably just disable -Wformat-security for C4AulCompiler.cpp until GCC can handle it properly in templated code like this. @Maikel: Please cherry-pick commit [3] before releasing 8.1 (I can't do it before next (next) week). [1]: https://github.com/openclonk/openclonk/issues/64 [2]: https://github.com/openclonk/openclonk/pull/65 [3]: https://github.com/openclonk/openclonk/commit/08edf3bb583f55cf5bf7ba1050ba86632f02a6e0 |
occ (reporter) 2018-02-17 11:59 |
Hi! There's been a check-in that references this bug. For more information you can visit the repository browser at this address: https://git.openclonk.org/openclonk.git/commitdiff/334c57f2968263276ae12d69c262111a6d53ade2 Changeset 334c57f by Lukas Werling <lukas.werling@gmail.com> Disable -Wformat-security in parts of C4AulCompiler (0001992, GH-64) |
![]() |
|||
Date Modified | Username | Field | Change |
---|---|---|---|
2018-02-10 17:40 | pkern | New Issue | |
2018-02-10 22:06 | Maikel | Target Version | => 8.1 |
2018-02-11 15:41 | Luchs | Note Added: 0006124 | |
2018-02-11 15:42 | Luchs | Assigned To | => Luchs |
2018-02-11 15:42 | Luchs | Status | new => acknowledged |
2018-02-17 11:59 | occ | Note Added: 0006139 | |
2018-02-17 12:00 | Luchs | Status | acknowledged => resolved |
2018-02-17 12:00 | Luchs | Resolution | open => fixed |
2018-02-17 12:00 | Luchs | Fixed in Version | => 8.1 |