[Bug 1580348] Re: mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

Thorsten Glaser 1580348 at bugs.launchpad.net
Mon Jul 25 00:17:26 UTC 2016 

Fix committed – please do try CVS HEAD; if this doesn’t help, I will
require full build logs.

Removing from the Ubuntu package, as it’s not affected by this issue;
adding the upstream package.

With the last code, Build.sh (triggered by mksrc.sh in Android) will
recognise LLVM/Clang automatically and set CPPFLAGS accordingly to not
use our own string pooling but to rely on the compiler’s instead.

** Also affects: mksh
   Importance: Undecided
       Status: New

** Changed in: mksh (Ubuntu)
       Status: New => Invalid

** Changed in: mksh
       Status: New => Fix Committed

** Changed in: mksh
   Importance: Undecided => High

** Changed in: mksh
     Assignee: (unassigned) => Thorsten Glaser (mirabilos)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mksh in Ubuntu.
https://bugs.launchpad.net/bugs/1580348

Title:
  mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

Status in mksh:
  Fix Committed
Status in mksh package in Ubuntu:
  Invalid

Bug description:
  Lastest mksh/histrap.c (R52c) has a warning from clang/llvm compiler.
  It is a tricky use of pointer to the middle of string literals,
  which is recognized by gcc but not clang/llvm.

  This warning now blocks mksh upgrade in Android open source.
  Could you fix the following warning and other places that use
  bi_errorf(Tbadsubst) or internal_errorf(Tbadsubst)?

  histrap.c:220:15: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
                                  bi_errorf(Tbadsubst);
                                            ^~~~~~~~~
  sh.h:891:19: note: expanded from macro 'Tbadsubst'
  #define Tbadsubst       (Tfg_badsubst + 10)     /* "bad substitution" */
                          ^~~~~~~~~~~~~~~~~~

  
  The warning can be fixed by changing
     bi_errorf(Tbadsubst);
  to
     bi_errorf("%s", Tbadsubst);

  If adding a few bytes is not acceptable, could you change
     bi_errorf(Tbadsubst);
  to
     bi_errorf0(Tbadsubst);
  where bi_errorf0 is declared as
     void bi_errorf0(const char *);  // without format check
  and implemented as a weak alias:
     void bi_errorf0(const char *s) __attribute__((weak, alias("bi_errorf")));

  
  Attached file is a suggested patch to compile with Android.

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mksh/+bug/1580348/+subscriptions

More information about the foundations-bugs mailing list