[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gluster-devel] glusterfs-3.3.0qa34 released
From: |
Patrick Matthäi |
Subject: |
Re: [Gluster-devel] glusterfs-3.3.0qa34 released |
Date: |
Tue, 10 Apr 2012 21:59:27 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:10.0.3) Gecko/20120329 Icedove/10.0.3 |
Am 10.04.2012 21:50, schrieb Jeff Darcy:
> On 04/10/2012 03:29 PM, Patrick Matthäi wrote:
>> it fails to build from source with hardening build flags enabled:
>>
>> gcc -DHAVE_CONFIG_H -I. -I. -I../../../..
>> -I../../../../libglusterfs/src -I../../../../contrib/uuid
>> -D_FORTIFY_SOURCE=2 -fPIC -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -Wall
>> -DGF_LINUX_HOST_OS -I../../../../libglusterfs/src
>> -I../../../../xlators/lib/src -I../../../../rpc/rpc-lib/src -shared
>> -nostartfiles -O0 -g -O2 -fstack-protector --param=ssp-buffer-size=4
>> -Wformat -Wformat-security -Werror=format-security -Wall -c
>> afr-lk-common.c -o afr-lk-common.o >/dev/null 2>&1
>> gcc -DHAVE_CONFIG_H -I. -I. -I../../../..
>> -I../../../../libglusterfs/src -I../../../../contrib/uuid
>> -D_FORTIFY_SOURCE=2 -fPIC -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -Wall
>> -DGF_LINUX_HOST_OS -I../../../../libglusterfs/src
>> -I../../../../xlators/lib/src -I../../../../rpc/rpc-lib/src -shared
>> -nostartfiles -O0 -g -O2 -fstack-protector --param=ssp-buffer-size=4
>> -Wformat -Wformat-security -Werror=format-security -Wall -c
>> afr-self-heald.c -fPIC -DPIC -o .libs/afr-self-heald.o
>> afr-self-heald.c: In function '_crawl_proceed':
>> afr-self-heald.c:398:17: error: format not a string literal and no
>> format arguments [-Werror=format-security]
>> afr-self-heald.c:398:17: error: format not a string literal and no
>> format arguments [-Werror=format-security]
>> cc1: some warnings being treated as errors
>> make[6]: *** [afr-self-heald.lo] Error 1
>
> Today I learned that -Werror=format-security generates totally bogus errors.
> If you look at the code you'd see it's *no different* security-wise than if it
> had been a string literal (which it was one line earlier) and it doesn't
> contain any % substitutions anyway. There are many tools to do this sort of
> checking correctly, and I'd be totally in favor of fixing defects that they
> report, but working around gcc bugs is pretty irksome.
The "problem" is, that the % substitution is missing, so:
gf_log (this->name, GF_LOG_ERROR, msg);
should become:
gf_log (this->name, GF_LOG_ERROR, "%s", msg);
I didn't checked if this was introduced in other places, too.
In 3.2.5 there was a simmilar fault, which my co-maintainer of the
glusterfs packaging has been fixed:
http://review.gluster.com/#change,2598
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: address@hidden
address@hidden
*/
signature.asc
Description: OpenPGP digital signature
- [Gluster-devel] glusterfs-3.3.0qa34 released, Vijay Bellur, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, John Mark Walker, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Patrick Matthäi, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Jeff Darcy, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released,
Patrick Matthäi <=
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Jeff Darcy, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Patrick Matthäi, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Patrick Matthäi, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Jeff Darcy, 2012/04/10
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Kaleb S. KEITHLEY, 2012/04/11
- Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Patrick Matthäi, 2012/04/11
Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Ian Latter, 2012/04/13
Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Ian Latter, 2012/04/18
Re: [Gluster-devel] glusterfs-3.3.0qa34 released, Ian Latter, 2012/04/18