Summary: | sys-devel/gcc-4.9.4 - .../work/gcc-4.9.4/libcpp/expr.c:674:18: error: format not a string literal and no format arguments [-Werror=format-security] | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | René Rhéaume <rene.rheaume> |
Component: | Current packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
emerge --info
build.log gcc-build-logs.tar.bz2 gcc-4.9.4-format-security.patch |
Description
René Rhéaume
2017-09-03 16:50:03 UTC
Created attachment 492144 [details]
emerge --info
Created attachment 492146 [details]
build.log
Created attachment 492148 [details]
gcc-build-logs.tar.bz2
/var/tmp/portage/sys-devel/gcc-4.9.4/work/gcc-build-logs.tar.bz2 as requested in the detailed error message
* CFLAGS="-march=athlon64-sse3 -O2 -pipe -fno-strict-overflow -fstack-check -Wformat -Werror=format-security" Turning warnings into errors (-Werror*) does not make your system more secure. Created attachment 497284 [details, diff]
gcc-4.9.4-format-security.patch
Meanwhile, I made a patch to fix those format security problems. Here it is.
CFLAGS="-march=athlon64-sse3 -O2 -pipe -fno-strict-overflow -fstack-check -ffunction-sections -fdata-sections -Wformat -Werror=format-security -static-libgcc" -Werror=format-security is not a security flag - it's a development aid. Just remove it. |