[issue20948] -Wformat=2 -Wformat-security findings
Jeffrey Walton
report at bugs.python.org
Tue Jul 26 04:57:31 EDT 2016
Jeffrey Walton added the comment:
On Tue, Jul 26, 2016 at 4:31 AM, Martin Panter <report at bugs.python.org> wrote:
>
> Martin Panter added the comment:
>
> The Modules/main.c cases are not errors. They are just long strings defined as static constants, rather than literals passed in directly.
>
> I think we can close this now. Unless people think this warning is worth using, in which case we should find a way to work around the false positives.
>
Would it be possible to add some instrumentation to silence the
finding? There's no sense in having multiple developers and qa
research the issue. I'm guessing a percentage of developers and qa
will file bug reports, so it will burn some of the python team's
cycles, too.
Maybe something like:
#if (GCC_VERSION >= 40600) || (LLVM_CLANG_VERSION >= 10700) || \
    (APPLE_CLANG_VERSION >= 20000)
# define GCC_DIAGNOSTIC_AVAILABLE 1
#endif
#if GCC_DIAGNOSTIC_AVAILABLE
# pragma GCC diagnostic ignored "-Wformat-security"
#endif
If it's safe to ignore the warning, then the technique above should be
safe for C/CC/CXX/CPP files. It will not cross-pollinate because it's
a source file, and not a header file.
Jeff
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20948>
_______________________________________
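A narrower form of the suppression suggested in the message above, as an added example that is not part of the original post or of CPython's source: the pragma is wrapped in push/pop so it covers only the calls that take a constant, non-literal format, next to a variant that needs no pragma. The strings, macro and function names are constructed for illustration, and `-Wformat-nonliteral` is included on the assumption that the build uses `-Wformat=2`.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for long help strings kept as static constants. */
static const char *usage_line = "usage: %s [option] ... [file]\n";
static const char *usage_body = "-h : print this help message and exit\n";

/* "#pragma GCC diagnostic push/pop" needs GCC >= 4.6; Clang accepts it too. */
#if defined(__clang__) || \
    (defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 406))
# define HAVE_DIAG_PUSH 1
#else
# define HAVE_DIAG_PUSH 0
#endif

/* Variant 1: keep the non-literal formats, silence only these two calls.
   The rest of the file is still checked. */
int usage_scoped(char *buf, size_t n, const char *prog)
{
    int a, b;
#if HAVE_DIAG_PUSH
# pragma GCC diagnostic push
# pragma GCC diagnostic ignored "-Wformat-security"
# pragma GCC diagnostic ignored "-Wformat-nonliteral"
#endif
    a = snprintf(buf, n, usage_line, prog);            /* non-literal, with args */
    if (a < 0 || (size_t)a >= n)
        return -1;
    b = snprintf(buf + a, n - (size_t)a, usage_body);  /* non-literal, no args */
#if HAVE_DIAG_PUSH
# pragma GCC diagnostic pop
#endif
    if (b < 0 || (size_t)b >= n - (size_t)a)
        return -1;
    return a + b;
}

/* Variant 2: no pragma needed; the format is a literal and the constant
   string is passed as data through %s. */
int usage_literal(char *buf, size_t n, const char *prog)
{
    int len = snprintf(buf, n, "usage: %s [option] ... [file]\n%s",
                       prog, usage_body);
    return (len < 0 || (size_t)len >= n) ? -1 : len;
}
```

Both variants return the number of bytes written, or -1 if the buffer is too small; in both, the caller-supplied `prog` only ever appears as an argument, never as the format.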