| Message ID | 1393458706-24883-1-git-send-email-peter.maydell@linaro.org |
|---|---|
| State | Superseded |
| Headers | show |
27.02.2014 03:51, Peter Maydell пишет: > The function qobject_from_json() doesn't actually allow its > argument to be a format string -- it passes a NULL va_list* > to qobject_from_jsonv(), and the parser code will then never > actually intepret %-escape sequences (it tests whether the > va_list pointer is NULL and will stop with a parse error). > > The spurious attribute markup causes clang warnings in some > of the test cases where we programmatically construct JSON > to feed to qobject_from_json(): > > tests/test-qmp-input-visitor.c:76:35: warning: format string is not a > string literal (potentially insecure) [-Wformat-security] > data->obj = qobject_from_json(json_string); > ^~~~~~~~~~~ > > Remove the incorrect attribute. Applied to -trivial, thank you! /mjt
Am 27.02.2014 00:51, schrieb Peter Maydell: > The function qobject_from_json() doesn't actually allow its > argument to be a format string -- it passes a NULL va_list* > to qobject_from_jsonv(), and the parser code will then never > actually intepret %-escape sequences (it tests whether the "interpret" > va_list pointer is NULL and will stop with a parse error). > > The spurious attribute markup causes clang warnings in some > of the test cases where we programmatically construct JSON > to feed to qobject_from_json(): > > tests/test-qmp-input-visitor.c:76:35: warning: format string is not a > string literal (potentially insecure) [-Wformat-security] > data->obj = qobject_from_json(json_string); > ^~~~~~~~~~~ > > Remove the incorrect attribute. > > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Otherwise Reviewed-by: Andreas Färber <afaerber@suse.de> Regards, Andreas
diff --git a/include/qapi/qmp/qjson.h b/include/qapi/qmp/qjson.h index 73351ed..ee4d31a 100644 --- a/include/qapi/qmp/qjson.h +++ b/include/qapi/qmp/qjson.h @@ -19,7 +19,7 @@ #include "qapi/qmp/qobject.h" #include "qapi/qmp/qstring.h" -QObject *qobject_from_json(const char *string) GCC_FMT_ATTR(1, 0); +QObject *qobject_from_json(const char *string); QObject *qobject_from_jsonf(const char *string, ...) GCC_FMT_ATTR(1, 2); QObject *qobject_from_jsonv(const char *string, va_list *ap) GCC_FMT_ATTR(1, 0);
The function qobject_from_json() doesn't actually allow its argument to be a format string -- it passes a NULL va_list* to qobject_from_jsonv(), and the parser code will then never actually intepret %-escape sequences (it tests whether the va_list pointer is NULL and will stop with a parse error). The spurious attribute markup causes clang warnings in some of the test cases where we programmatically construct JSON to feed to qobject_from_json(): tests/test-qmp-input-visitor.c:76:35: warning: format string is not a string literal (potentially insecure) [-Wformat-security] data->obj = qobject_from_json(json_string); ^~~~~~~~~~~ Remove the incorrect attribute. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Suggested-by: Paolo Bonzini <pbonzini@redhat.com> --- include/qapi/qmp/qjson.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)