Re: Fixes for compiler warnings

From Grzegorz Jaskiewicz
Subject Re: Fixes for compiler warnings
Date
Msg-id C51B6AFA-9588-4823-80CD-53C5BD7AD88A@pointblue.com.pl
In response to Re: Fixes for compiler warnings  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: Fixes for compiler warnings  (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>)
Re: Fixes for compiler warnings  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-hackers
On 2009-01-18, at 09:56, Peter Eisentraut wrote:

> On Sunday 18 January 2009 08:28:51 Tom Lane wrote:
>> Yeah, the risk this is trying to guard against is variables containing
>> "%" unexpectedly.  Even if that's not possible, it requires some work
>> to verify and it's a bit fragile.  I didn't look at the specific cases
>> yet but in general I think this is a good policy.
>
> -Wformat-security warns about
>
>    printf(var);
>
> but not about
>
>    printf(var, a);
>
> I don't understand that; the crash or exploit potential is pretty much the
> same in both cases.
Not at all. The first case allows you to pass in var from outside, with
your well-crafted format strings. Please read more about the subject
before you say something that silly.
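
The following is an added example, not part of the original message and not PostgreSQL code. It illustrates the policy discussed in the thread: treat the variable as data behind a literal `"%s"` format, and audit strings for "%" that would be acted on if they were used as the format. The function names `count_conversions` and `emit_message` and the sample string are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Count the '%' directives printf() would act on if `s` were used as the
 * format string. "%%" is a literal percent and consumes no argument, so
 * it is not counted. (Hypothetical helper for auditing message strings.) */
static int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent: skip both characters */
            s++;
            continue;
        }
        n++;                    /* start of a directive that expects an argument */
    }
    return n;
}

/* Safe pattern: the format is a string literal, the variable is an argument.
 * Returns the number of characters written, as snprintf() does. */
static int emit_message(char *out, size_t outlen, const char *var)
{
    /* Flagged by -Wformat-security:      snprintf(out, outlen, var);
     * Not flagged by -Wformat-security:  snprintf(out, outlen, var, a);
     * (-Wformat-nonliteral reports both forms.) */
    return snprintf(out, outlen, "%s", var);
}

int main(void)
{
    /* Constructed sample input: a message that happens to contain "%". */
    const char *var = "disk 100% full on %s";
    char buf[64];

    emit_message(buf, sizeof buf, var);
    printf("directives if used as a format: %d\n", count_conversions(var));
    printf("emitted verbatim: %s\n", buf);
    return 0;
}
```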



