Ticket #2976 (closed defect: fixed)

Opened 4 years ago

Last modified 4 years ago

[PATCH] When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments "

Reported by: rouault Owned by: warmerdam
Priority: normal Milestone: 1.7.0
Component: GDAL_Raster Version: unspecified
Severity: normal Keywords: gtiff
Cc:

Description

gcc -Werror=format-security fails on constructs like, printf(buffer), that may be cause crashes if buffer contains '%' characters. The correct format is printf("%s", buffer) instead.

I've detected 3 errors of that kind in GDAL itself (fix to follow), but there are remaining in internal libgeotiff and libtiff. Patches to fix those ones attached.

Attachments

ticket2976_libtiff.patch Download (3.3 KB) - added by rouault 4 years ago.
Patch for libtiff
ticket2976_libgeotiff.patch Download (399 bytes) - added by rouault 4 years ago.
Patch for libgeotiff

Change History

Changed 4 years ago by rouault

Non libtiff and libgeotiff changes done in r16925

Changed 4 years ago by rouault

  • summary changed from When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments " to [PATCH] When compiling with -Werror=format-security, we get "error: format not a string literal and no format arguments "

Changed 4 years ago by rouault

Patch for libtiff

Changed 4 years ago by rouault

Patch for libgeotiff

Changed 4 years ago by warmerdam

  • keywords gtiff added
  • status changed from new to assigned
  • component changed from default to GDAL_Raster
  • milestone set to 1.7.0

Libtiff patch applied upstream in libtiff head (for 4.0.0 release).

Changed 4 years ago by warmerdam

  • status changed from assigned to closed
  • resolution set to fixed

Libgeotiff patched upstream (revision 1571).

libtiff and libgeotiff changes brought back into trunk (r16926).

Note: See TracTickets for help on using tickets.