[Bug 1580348] [NEW] mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

Chih-Hung Hsieh chh at google.com
Tue May 10 21:32:58 UTC 2016 

Public bug reported:

Lastest mksh/histrap.c (R52c) has a warning from clang/llvm compiler.
It is a tricky use of pointer to the middle of string literals,
which is recognized by gcc but not clang/llvm.

This warning now blocks mksh upgrade in Android open source.
Could you fix the following warning and other places that use
bi_errorf(Tbadsubst) or internal_errorf(Tbadsubst)?

histrap.c:220:15: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
                                bi_errorf(Tbadsubst);
                                          ^~~~~~~~~
sh.h:891:19: note: expanded from macro 'Tbadsubst'
#define Tbadsubst       (Tfg_badsubst + 10)     /* "bad substitution" */
                        ^~~~~~~~~~~~~~~~~~


The warning can be fixed by changing
   bi_errorf(Tbadsubst);
to
   bi_errorf("%s", Tbadsubst);

If adding a few bytes is not acceptable, could you change
   bi_errorf(Tbadsubst);
to
   bi_errorf0(Tbadsubst);
where bi_errorf0 is declared as
   void bi_errorf0(const char *);  // without format check
and implemented as a weak alias:
   void bi_errorf0(const char *s) __attribute__((weak, alias("bi_errorf")));


Attached file is a suggested patch to compile with Android.

Thanks.

** Affects: mksh (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "diff.mksh.bi_errorf0.txt"
   https://bugs.launchpad.net/bugs/1580348/+attachment/4660213/+files/diff.mksh.bi_errorf0.txt

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mksh in Ubuntu.
https://bugs.launchpad.net/bugs/1580348

Title:
  mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

Status in mksh package in Ubuntu:
  New

Bug description:
  Lastest mksh/histrap.c (R52c) has a warning from clang/llvm compiler.
  It is a tricky use of pointer to the middle of string literals,
  which is recognized by gcc but not clang/llvm.

  This warning now blocks mksh upgrade in Android open source.
  Could you fix the following warning and other places that use
  bi_errorf(Tbadsubst) or internal_errorf(Tbadsubst)?

  histrap.c:220:15: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
                                  bi_errorf(Tbadsubst);
                                            ^~~~~~~~~
  sh.h:891:19: note: expanded from macro 'Tbadsubst'
  #define Tbadsubst       (Tfg_badsubst + 10)     /* "bad substitution" */
                          ^~~~~~~~~~~~~~~~~~

  
  The warning can be fixed by changing
     bi_errorf(Tbadsubst);
  to
     bi_errorf("%s", Tbadsubst);

  If adding a few bytes is not acceptable, could you change
     bi_errorf(Tbadsubst);
  to
     bi_errorf0(Tbadsubst);
  where bi_errorf0 is declared as
     void bi_errorf0(const char *);  // without format check
  and implemented as a weak alias:
     void bi_errorf0(const char *s) __attribute__((weak, alias("bi_errorf")));

  
  Attached file is a suggested patch to compile with Android.

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mksh/+bug/1580348/+subscriptions

More information about the foundations-bugs mailing list