Opened 15 years ago

Closed 15 years ago

#2976 closed defect (fixed)

[PATCH] When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments "

Reported by: Even Rouault Owned by: warmerdam
Priority: normal Milestone: 1.7.0
Component: GDAL_Raster Version: unspecified
Severity: normal Keywords: gtiff
Cc:

Description

gcc -Werror=format-security fails on constructs like, printf(buffer), that may be cause crashes if buffer contains '%' characters. The correct format is printf("%s", buffer) instead.

I've detected 3 errors of that kind in GDAL itself (fix to follow), but there are remaining in internal libgeotiff and libtiff. Patches to fix those ones attached.

Attachments (2)

ticket2976_libtiff.patch (3.3 KB ) - added by Even Rouault 15 years ago.
Patch for libtiff
ticket2976_libgeotiff.patch (399 bytes ) - added by Even Rouault 15 years ago.
Patch for libgeotiff

Download all attachments as: .zip

Change History (6)

comment:1 by Even Rouault, 15 years ago

Non libtiff and libgeotiff changes done in r16925

comment:2 by Even Rouault, 15 years ago

Summary: When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments "[PATCH] When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments "

by Even Rouault, 15 years ago

Attachment: ticket2976_libtiff.patch added

Patch for libtiff

by Even Rouault, 15 years ago

Attachment: ticket2976_libgeotiff.patch added

Patch for libgeotiff

comment:3 by warmerdam, 15 years ago

Component: defaultGDAL_Raster
Keywords: gtiff added
Milestone: 1.7.0
Status: newassigned

Libtiff patch applied upstream in libtiff head (for 4.0.0 release).

comment:4 by warmerdam, 15 years ago

Resolution: fixed
Status: assignedclosed

Libgeotiff patched upstream (revision 1571).

libtiff and libgeotiff changes brought back into trunk (r16926).

Note: See TracTickets for help on using tickets.