[tor-bugs] #9066 [Tor]: use a macro like CHECK_PRINTF for tor_sscanf
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jun 15 02:50:06 UTC 2013
#9066: use a macro like CHECK_PRINTF for tor_sscanf
--------------------+-------------------------------------------------------
Reporter: x3j11 | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version: Tor: 0.2.4.12-alpha
Keywords: | Parent:
Points: | Actualpoints:
--------------------+-------------------------------------------------------
Comment(by andrea):
Replying to [comment:3 nickm]:
> I agree with this one change, though I'm less confident that the
strategy above is the right way to handle the openbsd warning issue.
>
> The warning in this case is indeed correct: the unit test is trying to
do something questionable there. I thought we'd suppressed that (see
discussion on #7260), but if not, we should actually fix it so that the C
isn't doing anything iffy IMO. After all, we don't want to disable scanf
checking for the whole program just because the compiler can catch *more*
errors!
>
>
> Applying the patch above to 0.2.5
Let's consider the two proposed tests separately; regardless of the merits
of shutting off the warnings in some cases, it's worth actually checking
for __format(printf,...)___ and __format(scanf,...)__ rather than assuming
#ifdef __GNU_C__ is sufficient - presumably sufficiently old gccs don't
have those extensions, and they're useful enough that some non-gcc
compiler might implement compatible ones - either now without my being
aware of it, or in the future.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9066#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list