[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2] fix not a string literal warning in test_xasprintf
From: |
Bruno Haible |
Subject: |
Re: [PATCH v2] fix not a string literal warning in test_xasprintf |
Date: |
Thu, 05 Apr 2012 12:48:17 +0200 |
User-agent: |
KMail/4.7.4 (Linux/3.1.0-1.2-desktop; KDE/4.7.4; x86_64; ; ) |
More about security warnings and style warnings:
> So, the warning "format not a string literal and no format arguments" or,
> more generally "format with no format arguments", is a *style* warning,
> not a *security* warning.
The idea is that security warnings are about situations that are dangerous
at runtime. Whereas style warnings ensure certain coding conventions.
So, a difference between style warnings and security warnings is that it
makes sense to enable security warnings on an entire distribution, whereas
style warnings can be enabled on specific projects. For coreutils you
shouldn't enable all possible style warnings, since the coreutils contributors
don't do beginner mistakes.
Bruno