Re: Building m4 with hardened flags

[Eric Blake]

On 05/06/2012 06:06 AM, Santiago Vila wrote:
> Hello.
> 
> When trying to build m4 using hardened flags, I found a test that fails:
> 
> #1;3001;0c    source='test-xvasprintf.c' object='test-xvasprintf.o' 
> libtool=no 
> gcc -std=gnu99  -I. -I../lib  -DIN_M4_GNULIB_TESTS=1 -I. -I. -I.. -I./.. 
> -I../lib -I./../lib -D_FORTIFY_SOURCE=2  -g -O2 -fstack-protector 
> --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security 
> -c test-xvasprintf.c
> test-xvasprintf.c: In function 'test_xasprintf':
> test-xvasprintf.c:98:5: error: format not a string literal and no format 
> arguments [-Werror=format-security]
> cc1: some warnings being treated as errors
> make[6]: *** [test-xvasprintf.o] Error 1
> 
> This is the code which fails:
> 
>   {
>     /* Silence gcc warning about zero-length format string.  */
>     const char *empty = "";
>     result = xasprintf (empty);
>     ASSERT (result != NULL);
>     ASSERT (strcmp (result, "") == 0);
>     free (result);
>   }
> 
> Every other test seems to be ok.
> 
> What would you recommend? Should I just disable this code and keep 
> "-Werror=format-security"?
> Or maybe there is a bug somewhere?

This is no bug, but a result of you trying to use more compiler flags
than the unit test was designed for.  This issue was already raised on
the gnulib list (the owner of the unit test in question), and the
decision was to do nothing:
https://lists.gnu.org/archive/html/bug-gnulib/2012-04/msg00016.html

-- 
Eric Blake   address@hidden    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature