Mesa (master): mesa: prevent common string formatting security issues

[GitLab Mirror]

Module: Mesa
Branch: master
Commit: c9c1e26106478258d8a91fe8fc5c69d8c3fa5206
URL:    http://cgit.freedesktop.org/mesa/mesa/commit/?id=c9c1e26106478258d8a91fe8fc5c69d8c3fa5206

Author: Mark Janes <mark.a.janes at intel.com>
Date:   Mon Jun  3 16:59:45 2019 -0700

mesa: prevent common string formatting security issues

Adds a compile-time error for obvious security issues like:

  printf(string_var);

The proposed flag is more tolerant than -Wformat-nonliteral.
Specifically, it tolerates common mesa formatting like:

  static const char *shader_template = "really long string %d";
  printf(shader_template, uniform_number);

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=110833
Reviewed-by: Eric Anholt <eric at anholt.net>
Reviewed-by: Eric Engestrom <eric at engestrom.ch>

---

 meson.build | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meson.build b/meson.build
index 1d32d909c95..949ab970089 100644
--- a/meson.build
+++ b/meson.build
@@ -849,6 +849,8 @@ c_args = []
 foreach a : ['-Werror=implicit-function-declaration',
              '-Werror=missing-prototypes', '-Werror=return-type',
              '-Werror=incompatible-pointer-types',
+             '-Werror=format',
+             '-Wformat-security',
              '-fno-math-errno',
              '-fno-trapping-math', '-Qunused-arguments']
   if cc.has_argument(a)
@@ -870,6 +872,8 @@ endif
 # Check for generic C++ arguments
 cpp_args = []
 foreach a : ['-Werror=return-type',
+             '-Werror=format',
+             '-Wformat-security',
              '-fno-math-errno', '-fno-trapping-math',
              '-Qunused-arguments']
   if cpp.has_argument(a)