summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLibravatar Jeff King <peff@peff.net>2018-09-08 12:23:31 -0400
committerLibravatar Junio C Hamano <gitster@pobox.com>2018-09-11 12:50:21 -0700
commit801fa63a90e3619c91e0bb3e7a28140e6d31a097 (patch)
tree98c4a1d31fd5862de619db804a61357709b76872
parentGit 2.18 (diff)
downloadtgif-801fa63a90e3619c91e0bb3e7a28140e6d31a097.tar.xz
config.mak.dev: add -Wformat-security
We currently build cleanly with -Wformat-security, and it's a good idea to make sure we continue to do so (since calls that trigger the warning may be security vulnerabilities). Note that we cannot use the stronger -Wformat-nonliteral, as there are case where we are clever with passing around pointers to string literals. E.g., bisect_rev_setup() takes bad_format and good_format parameters. These ultimately come from literals, but they still trigger the warning. Some of these might be fixable (e.g., by passing flags from which we locally select a format), and might even be worth fixing (not because of security, but just because it's an easy mistake to pass the wrong format). But there are other cases which are likely quite hard to fix (we actually generate formats in a local buffer in some cases). So let's punt on that for now and start with -Wformat-security, which is supposed to catch the most important cases. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--config.mak.dev1
1 files changed, 1 insertions, 0 deletions
diff --git a/config.mak.dev b/config.mak.dev
index 2d244ca470..bfbd3df4e8 100644
--- a/config.mak.dev
+++ b/config.mak.dev
@@ -2,6 +2,7 @@ ifeq ($(filter no-error,$(DEVOPTS)),)
CFLAGS += -Werror
endif
CFLAGS += -Wdeclaration-after-statement
+CFLAGS += -Wformat-security
CFLAGS += -Wno-format-zero-length
CFLAGS += -Wold-style-definition
CFLAGS += -Woverflow