[cfe-dev] format security warning
Morrell, Michael
michael.morrell at intel.com
Thu Jun 5 14:55:06 PDT 2014
When -Wformat-security is enabled, I get a warning for:
void foo(const char *x)
{
printf(x);
}
which I expect since the format string isn’t a string literal, but I also get it for:
static const char *fmt = “hello\n”;
printf(fmt);
Granted the format string still isn’t a literal, but it is a known compile-time value and I don’t think I should get the warning for this case.
Is this a bug or intentional?
Michael
More information about the cfe-dev
mailing list