Mesa (master): mesa: prevent common string formatting security issues
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Tue Jun 4 19:51:49 UTC 2019
Module: Mesa
Branch: master
Commit: c9c1e26106478258d8a91fe8fc5c69d8c3fa5206
URL: http://cgit.freedesktop.org/mesa/mesa/commit/?id=c9c1e26106478258d8a91fe8fc5c69d8c3fa5206
Author: Mark Janes <mark.a.janes at intel.com>
Date: Mon Jun 3 16:59:45 2019 -0700
mesa: prevent common string formatting security issues
Adds a compile-time error for obvious security issues like:
printf(string_var);
The proposed flag is more tolerant than -Wformat-nonliteral.
Specifically, it tolerates common mesa formatting like:
static const char *shader_template = "really long string %d";
printf(shader_template, uniform_number);
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=110833
Reviewed-by: Eric Anholt <eric at anholt.net>
Reviewed-by: Eric Engestrom <eric at engestrom.ch>
---
meson.build | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meson.build b/meson.build
index 1d32d909c95..949ab970089 100644
--- a/meson.build
+++ b/meson.build
@@ -849,6 +849,8 @@ c_args = []
foreach a : ['-Werror=implicit-function-declaration',
'-Werror=missing-prototypes', '-Werror=return-type',
'-Werror=incompatible-pointer-types',
+ '-Werror=format',
+ '-Wformat-security',
'-fno-math-errno',
'-fno-trapping-math', '-Qunused-arguments']
if cc.has_argument(a)
@@ -870,6 +872,8 @@ endif
# Check for generic C++ arguments
cpp_args = []
foreach a : ['-Werror=return-type',
+ '-Werror=format',
+ '-Wformat-security',
'-fno-math-errno', '-fno-trapping-math',
'-Qunused-arguments']
if cpp.has_argument(a)
More information about the mesa-commit
mailing list