[New-bugs-announce] [issue20948] -Wformat=2 -Wformat-security findings

Jeffrey Walton report at bugs.python.org
Sun Mar 16 18:41:35 CET 2014


New submission from Jeffrey Walton:

$ hg id
3736bf94535c+ tip

-Wformat=2 -Wformat-security are useful for detecting possible security related bugs. Compiling with the two options produced a few hits in the source code.

/usr/bin/gcc -pthread -c -Wno-unused-result -Werror=declaration-after-statement -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -fno-common -Wstrict-overflow -Wformat=2 -Wformat-security -Wcast-align  -Wtrampolines  -fno-common -Wstrict-overflow -Wformat=2 -Wformat-security -Wcast-align  -Wtrampolines    -I. -IInclude -I./Include    -DPy_BUILD_CORE -o Objects/unicodeobject.o cpython/./Objects/unicodeobject.c
cpython/./Objects/unicodeobject.c: In function ‘unicode_fromformat_arg’:
cpython/./Objects/unicodeobject.c:2527:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2531:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2535:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2538:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2542:13: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2549:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2553:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2557:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Objects/unicodeobject.c:2560:25: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]

I think those are necessary for `unicode_fromformat_arg`.

/usr/bin/gcc -pthread -c -Wno-unused-result -Werror=declaration-after-statement -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -fno-common -Wstrict-overflow -Wformat=2 -Wformat-security -Wcast-align  -Wtrampolines  -fno-common -Wstrict-overflow -Wformat=2 -Wformat-security -Wcast-align  -Wtrampolines    -I. -IInclude -I./Include    -DPy_BUILD_CORE -o Modules/main.o cpython/./Modules/main.c
cpython/./Modules/main.c: In function ‘usage’:
cpython/./Modules/main.c:111:5: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Modules/main.c:118:9: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]
cpython/./Modules/main.c:119:9: warning: format not a string literal, argument types not checked [-Wformat-nonliteral]

I think the occurrences in main.c could benefit from "%s" to ensure the program does not accidentally leak.

----------
components: Build
hgrepos: 225
messages: 213743
nosy: Jeffrey.Walton
priority: normal
severity: normal
status: open
title: -Wformat=2 -Wformat-security findings
versions: Python 3.5

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20948>
_______________________________________
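The main.c finding above is the classic non-literal format pattern. The following is an added illustration, not code from CPython or from the reporter: it contrasts the flagged pattern (kept as a comment) with the "%s" form the report suggests, and adds a small helper that counts conversion specifiers in a string that is about to be used as a format. The function names and the sample usage text are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* Added example (not CPython code). When a usage string is assembled in a
 * variable, gcc cannot check it at compile time (-Wformat-nonliteral), and
 * passing it directly as the format makes every '%' in it a conversion.
 *
 * Pattern the warning flags, shown for contrast and never called here:
 *     fprintf(f, msg);        // msg is a variable, not a string literal
 * Any "%s" or "%n" in msg would read or write through arguments that were
 * never supplied.
 */

/* Hardened form: the format is a literal, the variable text is plain data. */
static int emit_usage(FILE *f, const char *msg)
{
    return fprintf(f, "%s", msg);
}

/* Same idea into a buffer so the result can be checked without a FILE. */
static int render_usage(char *out, size_t cap, const char *msg)
{
    return snprintf(out, cap, "%s", msg);
}

/* Audit helper: number of '%' that would act as conversions if the string
 * were used as a format ("%%" is a literal percent and is not counted). */
static int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

/* Constructed sample: a usage line containing '%' characters. */
static const char SAMPLE_USAGE[] = "usage: prog [-c cmd]  100%% sure? see %s and %n";

/* Returns 1 if the "%s" form reproduced the message byte for byte. */
static int hardened_preserves_message(void)
{
    char buf[128];
    int n = render_usage(buf, sizeof buf, SAMPLE_USAGE);
    return n == (int)strlen(SAMPLE_USAGE) && strcmp(buf, SAMPLE_USAGE) == 0;
}

int main(void)
{
    emit_usage(stderr, SAMPLE_USAGE);
    fputc('\n', stderr);
    return hardened_preserves_message() ? 0 : 1;
}
```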

