[issue20948] -Wformat=2 -Wformat-security findings
Martin Panter
report at bugs.python.org
Tue Jul 26 05:47:38 EDT 2016
Martin Panter added the comment:
GCC’s -Wformat options are documented at <https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wformat-321>. We already enable -Wall by default, which implicitly enables -Wformat, but not -Wformat=2. Apparently, -Wformat=2 enables -Wformat-security, so you shouldn’t have to manually enable it.
The -Wformat-security option enables warnings for stuff like printf(variable), without any extra arguments. Such a call could easily be changed, even if it is not a genuine problem. So I wouldn’t have a problem enabling this warning by default. (See also Issue 23545 proposing a few other warnings.)
However I am not convinced it is worth working around the -Wformat-nonliteral warnings, given that all the warnings given above were false positives, and the general workaround would need six or seven preprocessor lines.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20948>
_______________________________________
More information about the Python-bugs-list
mailing list