Re: Fixes for compiler warnings

From: Gregory Stark
Subject: Re: Fixes for compiler warnings
Date:
Msg-id: 87k58tct8b.fsf@oxford.xeocode.com
In response to: Re: Fixes for compiler warnings  (Peter Eisentraut <peter_e@gmx.net>)
Responses: Re: Fixes for compiler warnings  (Tom Lane <tgl@sss.pgh.pa.us>)
List: pgsql-hackers

Peter Eisentraut <peter_e@gmx.net> writes:

> You apparently have your compiler configured with -Wformat-security.  Our code 
> doesn't do that.  I think the cases the warning complains about are fine and 
> the way the warning is designed is a bit bogus.

Hm, only a bit. You know, we've had precisely this bug at least once not that
long ago. And the way the warning is designed it won't fire any false
positives except in cases that are easily avoided.

There's an argument to be made that the code is easier to audit if you put the
"%s" format string in explicitly too. Even if the current code is correct you
have to trace the variable back up to its source to be sure. If you add the
escape then you can see that the code is safe just from that line of code
alone.

-- 
  Gregory Stark
  EnterpriseDB          http://www.enterprisedb.com
  Ask me about EnterpriseDB's Slony Replication support!
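
The auditing argument in the message above, as an added C example that is not part of the original message and is not PostgreSQL code: `log_fmt`, `log_unsafe` and `log_safe` are hypothetical names, and the input string is constructed. It uses a harmless `%%` sequence to show that the first form parses the variable as a format while the explicit `"%s"` form treats it purely as data.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical logging wrapper (an assumption for this example). The format
 * attribute makes GCC/Clang check its callers the way they check printf, so
 * -Wformat-security covers project wrappers as well as libc calls. */
__attribute__((format(printf, 3, 4)))
static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* "Before": the variable is the format string. Whether this is safe depends
 * on where msg came from, which this line alone does not show. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security" /* remove to see the warning */
static int log_unsafe(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, msg);
}
#pragma GCC diagnostic pop

/* "After": msg can only ever be data; safe by inspection of this one line. */
static int log_safe(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, "%s", msg);
}

int main(void)
{
    /* Constructed input: "%%" is well defined to interpret, yet it proves
     * that log_unsafe runs msg through the format parser. */
    const char *msg = "disk 100%% full";
    char a[64], b[64];

    log_unsafe(a, sizeof a, msg);
    log_safe(b, sizeof b, msg);
    printf("as format: %s\nas data:   %s\n", a, b);
    return strcmp(a, b) == 0; /* the outputs differ, so the exit status is 0 */
}
```
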

