[Bug 1580348] Re: mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

[Thorsten Glaser]

** Changed in: mksh
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mksh in Ubuntu.
https://bugs.launchpad.net/bugs/1580348

Title:
  mksh 52c bi_errorf(Tbadsubst) format string is not a string literal

Status in mksh:
  Fix Released
Status in mksh package in Ubuntu:
  Invalid

Bug description:
  Lastest mksh/histrap.c (R52c) has a warning from clang/llvm compiler.
  It is a tricky use of pointer to the middle of string literals,
  which is recognized by gcc but not clang/llvm.

  This warning now blocks mksh upgrade in Android open source.
  Could you fix the following warning and other places that use
  bi_errorf(Tbadsubst) or internal_errorf(Tbadsubst)?

  histrap.c:220:15: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
                                  bi_errorf(Tbadsubst);
                                            ^~~~~~~~~
  sh.h:891:19: note: expanded from macro 'Tbadsubst'
  #define Tbadsubst       (Tfg_badsubst + 10)     /* "bad substitution" */
                          ^~~~~~~~~~~~~~~~~~

  
  The warning can be fixed by changing
     bi_errorf(Tbadsubst);
  to
     bi_errorf("%s", Tbadsubst);

  If adding a few bytes is not acceptable, could you change
     bi_errorf(Tbadsubst);
  to
     bi_errorf0(Tbadsubst);
  where bi_errorf0 is declared as
     void bi_errorf0(const char *);  // without format check
  and implemented as a weak alias:
     void bi_errorf0(const char *s) __attribute__((weak, alias("bi_errorf")));

  
  Attached file is a suggested patch to compile with Android.

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mksh/+bug/1580348/+subscriptions