From: Mark Janes <mark.a.janes@intel.com>
Date: Mon, 3 Jun 2019 23:59:45 +0000 (-0700)
Subject: mesa: prevent common string formatting security issues
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=c9c1e26106478258d8a91fe8fc5c69d8c3fa5206;p=mesa.git

mesa: prevent common string formatting security issues

Adds a compile-time error for obvious security issues like:

  printf(string_var);

The proposed flag is more tolerant than -Wformat-nonliteral.
Specifically, it tolerates common mesa formatting like:

  static const char *shader_template = "really long string %d";
  printf(shader_template, uniform_number);

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=110833
Reviewed-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Eric Engestrom <eric@engestrom.ch>
---

diff --git a/meson.build b/meson.build
index 1d32d909c95..949ab970089 100644
--- a/meson.build
+++ b/meson.build
@@ -849,6 +849,8 @@ c_args = []
 foreach a : ['-Werror=implicit-function-declaration',
              '-Werror=missing-prototypes', '-Werror=return-type',
              '-Werror=incompatible-pointer-types',
+             '-Werror=format',
+             '-Wformat-security',
              '-fno-math-errno',
              '-fno-trapping-math', '-Qunused-arguments']
   if cc.has_argument(a)
@@ -870,6 +872,8 @@ endif
 # Check for generic C++ arguments
 cpp_args = []
 foreach a : ['-Werror=return-type',
+             '-Werror=format',
+             '-Wformat-security',
              '-fno-math-errno', '-fno-trapping-math',
              '-Qunused-arguments']
   if cpp.has_argument(a)