1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
# DP: Turn on -Wformat -Wformat-security by default for C, C++, ObjC, ObjC++.
---
gcc/c-common.c | 2 +-
gcc/c.opt | 2 +-
gcc/doc/invoke.texi | 8 ++++++++
3 files changed, 10 insertions(+), 2 deletions(-)
Index: b/src/gcc/c-family/c.opt
===================================================================
--- a/src/gcc/c-family/c.opt
+++ b/src/gcc/c-family/c.opt
@@ -401,7 +401,7 @@
Warn about format strings that are not literals
Wformat-security
-C ObjC C++ ObjC++ Var(warn_format_security) Warning LangEnabledBy(C ObjC C++ ObjC++,Wformat=, warn_format >= 2, 0)
+C ObjC C++ ObjC++ Var(warn_format_security) Warning LangEnabledBy(C ObjC C++ ObjC++,Wformat=, warn_format >= 2, 0) Init(1)
Warn about possible security problems with format functions
Wformat-y2k
Index: b/src/gcc/doc/invoke.texi
===================================================================
--- a/src/gcc/doc/invoke.texi
+++ b/src/gcc/doc/invoke.texi
@@ -3351,6 +3351,11 @@
in future warnings may be added to @option{-Wformat-security} that are not
included in @option{-Wformat-nonliteral}.)
+NOTE: In Ubuntu 8.10 and later versions this option is enabled by default
+for C, C++, ObjC, ObjC++. To disable, use @option{-Wno-format-security},
+or disable all format warnings with @option{-Wformat=0}. To make format
+security warnings fatal, specify @option{-Werror=format-security}.
+
@item -Wformat-y2k
@opindex Wformat-y2k
@opindex Wno-format-y2k
|
