Bug 1025300

Summary: include "-Wformat-security" in "-Wall" (RFE)
Product: [Fedora] Fedora
Component: gcc
Version: rawhide
Status: CLOSED NOTABUG
Reporter: Dhiru Kholia <dkholia>
Assignee: Jakub Jelinek <jakub>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: bressers, jakub, law, notting, sgallagh
Severity: unspecified
Priority: unspecified
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Type: Bug
Last Closed: 2013-10-31 12:45:26 UTC

Description Dhiru Kholia 2013-10-31 12:36:00 UTC
It would be great if "-Wformat-security" could be included in "-Wall".

For more details, please see https://fedorahosted.org/fesco/ticket/1185 URL.

Comment 1 Jakub Jelinek 2013-10-31 12:45:26 UTC
I certainly don't want to diverge from the upstream meaning of -Wall; the set of warnings enabled by default resp. in -Wall resp. in -W shouldn't change through vendor adjustments. If some project using -Werror takes time to ensure it is error (warning promoted to errors) free for some GCC x.y version, and various vendor GCC versions would diverge on that, it would be a nightmare for developers.
If you want -Wformat-security for Fedora, just set it in $RPM_OPT_FLAGS.

Comment 2 Bill Nottingham 2013-10-31 15:32:00 UTC
... is there a reason it can't be proposed as an upstream change?

Comment 3 Jakub Jelinek 2013-10-31 15:38:15 UTC
It isn't a warning without a small rate of false positives, I'd categorize it more as a coding style warning, so I personally don't think it is a good idea to include it in -Wall and thus perhaps am not the right person to champion such a change.  Anyone who thinks there are sufficient arguments for that can surely propose it in http://gcc.gnu.org/bugzilla/, though there is less than a month before new features won't be accepted anymore for 4.9.

Comment 4 Jakub Jelinek 2013-10-31 15:40:18 UTC
Note, -D_FORTIFY_SOURCE (not even =1) isn't on by default either, and the most dangerous thing that would result from user controlled strings being passed to the *printf family of functions is %n, which is blocked already by -D_FORTIFY_SOURCE=2.

Comment 5 Stephen Gallagher 2013-11-06 18:08:49 UTC
If we don't include it in -Wall, could we at least argue for inclusion in -Wextra?

Comment 6 Jakub Jelinek 2013-11-06 18:11:26 UTC
That is the same thing.
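
For readers following the thread, an added illustration (not part of the bug report and not GCC code) of the call shape that -Wformat-security reports, next to the usual fix. The function names and the sample string are made up for the example.

```c
#include <stdio.h>
#include <string.h>

/* Reported by gcc -Wformat -Wformat-security:
 *   "format not a string literal and no format arguments"
 * The caller's text is parsed as a format string, so any conversion
 * in it would consume arguments that were never passed. */
int emit_as_format(char *out, size_t n, const char *user)
{
    return snprintf(out, n, user);
}

/* The fix: a constant format, with the caller's text passed as data. */
int emit_as_data(char *out, size_t n, const char *user)
{
    return snprintf(out, n, "%s", user);
}

int main(void)
{
    /* Constructed input. It contains only "%%", which takes no
     * argument, so both calls have defined behaviour. */
    const char *user = "100%% done";
    char a[64], b[64];

    emit_as_format(a, sizeof a, user);
    emit_as_data(b, sizeof b, user);
    printf("as format: [%s]\nas data:   [%s]\n", a, b);

    /* The two outputs differ, which is the point; exit 0 in that case. */
    return strcmp(a, b) == 0;
}
```

Compiling with `-Wformat -Wformat-security` warns on the first function only; adding the flag to `$RPM_OPT_FLAGS`, as suggested in comment 1, applies the same check to package builds.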