On Tue, 15 Nov 2022 at 07:20, Stefan Weil via <[email protected]> wrote: > > With the G_GNUC_PRINTF function attribute the compiler detects > two potential insecure format strings: > > ../../../net/stream.c:248:31: warning: format string is not a string literal > (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > ../../../net/stream.c:322:31: warning: format string is not a string literal > (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > > There are also two other warnings: > > ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string > [-Wformat-zero-length] > 182 | qemu_set_info_str(&s->nc, ""); > | ^~ > ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string > [-Wformat-zero-length] > 170 | qemu_set_info_str(&s->nc, ""); > > Signed-off-by: Stefan Weil <[email protected]> > ---
Reviewed-by: Peter Maydell <[email protected]> thanks -- PMM
