Date: Thu, 10 Nov 2011 20:47:22 +0000 From: Alexander Best <arundel@freebsd.org> To: freebsd-toolchain@freebsd.org Subject: format string is not a string literal (potentially insecure) [-Wformat-security] Message-ID: <20111110204722.GA85046@freebsd.org>
next in thread | raw e-mail | index | archive | help
hi there,
clang outputs the following warning during 'make buildkernel':
clang -c -O3 -pipe -fno-inline-functions -fno-strict-aliasing -march=core2 -std=c99 -fdiagnostics-show-option -fformat-extensions -Wall -Wcast-qual -Winline -Wmissing-include-dirs -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wredundant-decls -Wstrict-prototypes -Wundef -Wno-pointer-sign -nostdinc -I. -I/usr/git-freebsd-head/sys -I/usr/git-freebsd-head/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -mno-aes -mno-avx -mcmodel=kernel -mno-red-zone -mno-mmx -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector-all /usr/git-freebsd-head/sys/kern/kern_conf.c
/usr/git-freebsd-head/sys/kern/kern_conf.c:1019:45: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
ret = make_dev_alias_p(flags, cdev, pdev, devfspath);
^~~~~~~~~
does this indicate a security risk, which should be fixed or rather a bugus
warning?
cheers.
alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111110204722.GA85046>