RFR: 8030350: Enable additional compiler warnings for GCC
Magnus Ihse Bursie
magnus.ihse.bursie at oracle.com
Wed Jan 8 12:28:26 UTC 2014
On 2013-12-18 15:13, Dmitry Samersoff wrote:
> Mike,
>
> 1. I'm not sure -Wformat-security has any value for us - it checks for case
> printf(string) with no extra arguments,
> as it can cause buffer overrun if string comes from untrusted source.
Actually, it checks functions tagged as "format" functions. If you have
your own implementation with a "printf-style" syntax (typically some
kind of pre-/post-processing around sprintf etc), you can tag these
functions as well, using e.g.
__attribute__ ((format (printf, 2, 3)));
The best way to do this is to define a macro that expands to such an
attribute definition on gcc, and empty for other compilers.
I have personally found this to be a great tool for catching format
errors. It does require some initial effort of finding and tagging the
"printf-style" functions, but then all uses of these are checked.
I do not know, however, if this is applicable to the jdk.
/Magnus
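The tagging approach described in the message above, as an added example that is not part of the original e-mail or of the JDK sources: a macro that expands to the format attribute on GCC-compatible compilers and to nothing elsewhere, applied to a printf-style wrapper whose format string is argument 2 and whose variadic arguments start at 3. The names `ATTR_PRINTF`, `struct logbuf`, `logbuf_appendf` and `log_untrusted` are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Expands to the format attribute on GCC-compatible compilers, to nothing elsewhere. */
#if defined(__GNUC__)
#  define ATTR_PRINTF(fmt_idx, first_arg_idx) \
       __attribute__ ((format (printf, fmt_idx, first_arg_idx)))
#else
#  define ATTR_PRINTF(fmt_idx, first_arg_idx)
#endif

/* Hypothetical log buffer, used only for this example. */
struct logbuf {
    char   data[128];
    size_t len;
};

/* Argument 2 is the format string; the variadic arguments start at 3. */
int logbuf_appendf(struct logbuf *lb, const char *fmt, ...) ATTR_PRINTF(2, 3);

/* Appends formatted text; returns bytes appended, or -1 on error or truncation. */
int logbuf_appendf(struct logbuf *lb, const char *fmt, ...)
{
    va_list ap;
    size_t room = sizeof lb->data - lb->len;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(lb->data + lb->len, room, fmt, ap);
    va_end(ap);

    if (n < 0 || (size_t)n >= room) {
        lb->data[lb->len] = '\0';   /* drop the partial write */
        return -1;
    }
    lb->len += (size_t)n;
    return n;
}

/* Records an untrusted string as data, never as the format itself. */
int log_untrusted(struct logbuf *lb, const char *input)
{
    /* logbuf_appendf(lb, input);        <- flagged by -Wformat-security */
    /* logbuf_appendf(lb, "%d", input);  <- flagged by -Wformat          */
    return logbuf_appendf(lb, "input=%s;", input);
}
```

Without the attribute, neither commented-out call is diagnosed, because the compiler has no way to know that `logbuf_appendf` interprets its second argument as a format string.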