bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] fix not a string literal warning in test_xasprintf


From: Bruno Haible
Subject: Re: [PATCH v2] fix not a string literal warning in test_xasprintf
Date: Thu, 05 Apr 2012 12:48:17 +0200
User-agent: KMail/4.7.4 (Linux/3.1.0-1.2-desktop; KDE/4.7.4; x86_64; ; )

More about security warnings and style warnings:

> So, the warning "format not a string literal and no format arguments" or,
> more generally "format with no format arguments", is a *style* warning,
> not a *security* warning.

The idea is that security warnings are about situations that are dangerous
at runtime. Whereas style warnings ensure certain coding conventions.

So, a difference between style warnings and security warnings is that it
makes sense to enable security warnings on an entire distribution, whereas
style warnings can be enabled on specific projects. For coreutils you
shouldn't enable all possible style warnings, since the coreutils contributors
don't do beginner mistakes.

Bruno




reply via email to

[Prev in Thread] Current Thread [Next in Thread]