Another problem pointed out by clang Using format specifiers without arguments in printf is still bad. openbox/debug.c:105:18: warning: format string is not a string literal (potentially insecure) fprintf(out, log_domain); ^~~~~~~~~~ openbox/debug.c:107:18: warning: format string is not a string literal (potentially insecure) fprintf(out, level); ^~~~~ openbox/debug.c:109:18: warning: format string is not a string literal (potentially insecure) fprintf(out, message); ^~~~~~~
Mikael Magnusson mikachu@gmail.com
1 files changed,
3 insertions(+),
3 deletions(-)
jump to
M
openbox/debug.c
→
openbox/debug.c
@@ -102,11 +102,11 @@
static inline void log_print(FILE *out, const gchar* log_domain, const gchar *level, const gchar *message) { - fprintf(out, log_domain); + fprintf(out, "%s", log_domain); fprintf(out, "-"); - fprintf(out, level); + fprintf(out, "%s", level); fprintf(out, ": "); - fprintf(out, message); + fprintf(out, "%s", message); fprintf(out, "\n"); fflush(out); }