Re: Fixes for compilation failures with -Werror=format-security and disabled nls

Holger Hoffstätte Wed, 28 May 2025 10:31:01 -0700

On 2025-05-28 16:01, Holger Hoffstätte wrote:

On 2025-05-28 15:21, Bruno Haible wrote:

Holger Hoffstätte wrote:

- reconfigure the project:
    cd mytests && ./configure --disable-nls CFLAGS="-pipe -Werror=format-security 
-O"


Did this work for you? I get errors
cc1: error: ‘-Wformat-security’ ignored without ‘-Wformat’ 
[-Werror=format-security]


Quite sure it worked for me. I repeated all steps with the latest git tree
and can confirm that it works now.


Sorry to be a bother but it seems we're not in the clear yet.
It does indeed work with gcc-15, but not with clang:

holger>./configure --disable-nls CC=clang CXX=clang++ CFLAGS="-pipe -O 
-Werror=format-security"
holger>make
<snip>
clang -std=gnu23 -DHAVE_CONFIG_H -DEXEEXT=\"\" -DEXEEXT=\"\" -DNO_XMALLOC -DEXEEXT=\"\" 
-I. -I..  -DGNULIB_STRICT_CHECKING=1  -fvisibility=hidden -pipe -O -Werror=format-security -MT clean-temp.o -MD -MP 
-MF $depbase.Tpo -c -o clean-temp.o clean-temp.c &&\
mv -f $depbase.Tpo $depbase.Po
clean-temp.c:237:14: error: format string is not a string literal (potentially 
insecure) [-Werror,-Wformat-security]
  236 |       error (0, errno,
      |       ~~~~~~~~~~~~~~~~
  237 |              _("cannot find a temporary directory, try setting 
$TMPDIR"));
      |              
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
clean-temp.c:69:18: note: expanded from macro '_'
   69 | #define _(msgid) dgettext ("gnulib", msgid)
      |                  ^
./gettext.h:94:39: note: expanded from macro 'dgettext'
   94 | #  define dgettext(Domainname, Msgid) ((void) (Domainname), gettext 
(Msgid))
      |                                       ^
./error.h:496:39: note: expanded from macro 'error'
  496 |       __gl_error_call (error, status, __VA_ARGS__)
      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
./error.h:432:44: note: expanded from macro '__gl_error_call'
  432 |      ? __gl_error_call1 (function, status, __VA_ARGS__)         \
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
./error.h:421:26: note: expanded from macro '__gl_error_call1'
  421 |     ((function) (status, __VA_ARGS__), \
      |                          ^~~~~~~~~~~
clean-temp.c:237:14: note: treat the string as an argument to avoid this
  237 |              _("cannot find a temporary directory, try setting 
$TMPDIR"));
      |              ^
      |              "%s",
clean-temp.c:69:18: note: expanded from macro '_'
   69 | #define _(msgid) dgettext ("gnulib", msgid)
      |                  ^
./gettext.h:94:39: note: expanded from macro 'dgettext'
   94 | #  define dgettext(Domainname, Msgid) ((void) (Domainname), gettext 
(Msgid))
      |                                       ^
./error.h:496:39: note: expanded from macro 'error'
  496 |       __gl_error_call (error, status, __VA_ARGS__)
      |                                       ^
./error.h:432:44: note: expanded from macro '__gl_error_call'
  432 |      ? __gl_error_call1 (function, status, __VA_ARGS__)         \
      |                                            ^
./error.h:421:26: note: expanded from macro '__gl_error_call1'
  421 |     ((function) (status, __VA_ARGS__), \
      |                          ^
clean-temp.c:237:14: error: format string is not a string literal (potentially 
insecure) [-Werror,-Wformat-security]
  236 |       error (0, errno,
      |       ~~~~~~~~~~~~~~~~
  237 |              _("cannot find a temporary directory, try setting 
$TMPDIR"));
      |              
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
clean-temp.c:69:18: note: expanded from macro '_'
   69 | #define _(msgid) dgettext ("gnulib", msgid)
      |                  ^
./gettext.h:94:39: note: expanded from macro 'dgettext'
   94 | #  define dgettext(Domainname, Msgid) ((void) (Domainname), gettext 
(Msgid))
      |                                       ^
./error.h:496:39: note: expanded from macro 'error'
  496 |       __gl_error_call (error, status, __VA_ARGS__)
      |       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
./error.h:436:51: note: expanded from macro '__gl_error_call'
  436 |          __gl_error_call1 (function, __errstatus, __VA_ARGS__); \
      |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~
./error.h:421:26: note: expanded from macro '__gl_error_call1'
  421 |     ((function) (status, __VA_ARGS__), \
      |                          ^~~~~~~~~~~
clean-temp.c:237:14: note: treat the string as an argument to avoid this
  237 |              _("cannot find a temporary directory, try setting 
$TMPDIR"));
      |              ^
      |              "%s",
clean-temp.c:69:18: note: expanded from macro '_'
   69 | #define _(msgid) dgettext ("gnulib", msgid)
      |                  ^
./gettext.h:94:39: note: expanded from macro 'dgettext'
   94 | #  define dgettext(Domainname, Msgid) ((void) (Domainname), gettext 
(Msgid))
      |                                       ^
./error.h:496:39: note: expanded from macro 'error'
  496 |       __gl_error_call (error, status, __VA_ARGS__)
      |                                       ^
./error.h:436:51: note: expanded from macro '__gl_error_call'
  436 |          __gl_error_call1 (function, __errstatus, __VA_ARGS__); \
      |                                                   ^
./error.h:421:26: note: expanded from macro '__gl_error_call1'
  421 |     ((function) (status, __VA_ARGS__), \
      |                          ^
2 errors generated.

Re: Fixes for compilation failures with -Werror=format-security and disabled nls

Reply via email to