GNU bug report logs - #10592
movemail.c's error function and certain compiler flags

Previous Next

Full log

Message #8 received at 10592 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Rob Browning <rlb <at> defaultvalue.org>
Cc: 10592 <at> debbugs.gnu.org, 655118-forwarded <at> bugs.debian.org, jmm <at> inutil.org,
	655118 <at> bugs.debian.org
Subject: Re: bug#10592: Bug#655118: Please enabled hardened build flags
Date: Tue, 24 Jan 2012 01:06:40 -0500

> From: Rob Browning <rlb <at> defaultvalue.org>
> Date: Mon, 23 Jan 2012 23:05:26 -0600
> Cc: 655118 <at> bugs.debian.org, 655118-forwarded <at> bugs.debian.org,
> 	Moritz Mühlenhoff <jmm <at> inutil.org>
> 
> --- emacs23-23.3+1.orig/lib-src/movemail.c	2011-12-29 05:07:27.000000000 +0100
> +++ emacs23-23.3+1/lib-src/movemail.c	2012-01-08 17:31:22.000000000 +0100
> @@ -615,11 +615,11 @@
>  {
>    fprintf (stderr, "movemail: ");
>    if (s3)
> -    fprintf (stderr, s1, s2, s3);
> +    fprintf (stderr, "%s%s%s", s1, s2, s3);
>    else if (s2)
> -    fprintf (stderr, s1, s2);
> +    fprintf (stderr, "%s%s", s1, s2);
>    else
> -    fprintf (stderr, s1);
> +    fprintf (stderr, "%s", s1);
>    fprintf (stderr, "\n");
>  }

How can this possibly be TRT?  The commentary to this function says:

  /* Print error message.  `s1' is printf control string, `s2' and `s3'
     are args for it or null. */

If S1 is the printf control string, how will printing it with %s DTRT?
E.g., in this invocation:

      error ("Error connecting to POP server: %s", pop_error, 0);

or in this one:

      error ("Error in open: %s, %s", strerror (errno), outfile);

I think the right fix for this is to declare `error' with the
appropriate printf attribute.  Alternatively, you could use variable
argument lists and call vprintf instead.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.