From: Yichao Yu <yyc1992@gmail.com>
To: Vladimir Mezentsev <vladimir.mezentsev@oracle.com>
Cc: gdb@sourceware.org
Subject: Re: Werror=format-security issue from gprofng/src/Print.cc
Date: Sun, 12 Jun 2022 18:29:49 -0400 [thread overview]
Message-ID: <CAMvDr+Rzr4dgixECk8EyutDfW_YN4vBkK0aza+2e50APyc8nFA@mail.gmail.com> (raw)
In-Reply-To: <830ae07b-3c4a-4716-7666-6e7d9cf422d1@oracle.com>
On Fri, Jun 10, 2022 at 1:20 PM Vladimir Mezentsev <
vladimir.mezentsev@oracle.com> wrote:
>
> This is 28968 <https://sourceware.org/bugzilla/show_bug.cgi?id=28968> -
> gprofng doesn't build with -Werror=format-security
>
> I'm working on it. I'll fix it by Monday/Tuesday.
>
Awesome!
There are a few more cases that are less of a logical issue (not used with
variable number of arguments)
glad it's being taken care of.
Yichao
>
> -Vladimir
>
>
> Vladimir, can you look at this?
>
>
>
> -------- Forwarded Message --------
> Subject: Werror=format-security issue from gprofng/src/Print.cc
> Date: Tue, 7 Jun 2022 10:49:50 -0400
> From: Yichao Yu via Gdb <gdb@sourceware.org> <gdb@sourceware.org>
> Reply-To: Yichao Yu <yyc1992@gmail.com> <yyc1992@gmail.com>
> To: gdb@sourceware.org
>
>
>
> I got a format-security werror on gprofng/src/Print.cc when trying to
> build the master version of gdb (the compiler flag is added by the
> archlinuxcn build machine).
>
> While I could disable the flag, I think there might be a real issue
> looking at the code.
>
> The line that causes the issue ishttps://github.com/bminor/binutils-gdb/blob/master/gprofng/src/Print.cc#L2616,
> which uses a "dynamic" format string without any argument. AFAICT, the
> fmt3 is only ever initialized in
> `er_print_experiment::overview_summary` and if I read it correctly,
> it's initialized to a string with no actual formatting inputs other
> than a `%%`. It is used, however, twice in
> `er_print_experiment::overview_value`, one given two zeros as the
> arguments and one given no arguments so it looks a bit suspicious.
>
> The git log shows now history of this file so I'm not sure what's the
> intention but my best guess is
>
> 1. the `fprintf (out_file, fmt3, 0., 0.);` was meant to be using
> `fmt4`. (I assume this is to avoid nan from total_value = 0), or
> 2. since fmt3 is actually a string that's more or less "0.0 (0.0)"
> with padding, the two `0.`s passed to fmt3 are probably bogus and it
> should be the same as the `fprintf (out_file, fmt3);` below
>
> if my understanding is correct, I think in either case one can simply
> avoid using fmt3 with fprintf by just removing the extra % from it and
> directly write it to the output instead. (i.e.https://gist.github.com/yuyichao/7e7cc2f240a1a6e92a1b2a9da8eb3905)
> Did I miss anything?
>
> Yichao
>
>
>
prev parent reply other threads:[~2022-06-12 22:30 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-07 14:49 Yichao Yu
[not found] ` <fdb91dc6-2e5d-fd95-1cf6-56a1839ff231@oracle.com>
2022-06-10 17:20 ` Fwd: " Vladimir Mezentsev
2022-06-12 22:29 ` Yichao Yu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMvDr+Rzr4dgixECk8EyutDfW_YN4vBkK0aza+2e50APyc8nFA@mail.gmail.com \
--to=yyc1992@gmail.com \
--cc=gdb@sourceware.org \
--cc=vladimir.mezentsev@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).