compiler warnings

Brian J. Tarricone bjt23 at cornell.edu
Thu Dec 25 20:48:23 CET 2008


To preface, gcc 4.3.2 here.

On Thu, 25 Dec 2008 14:06:23 +0100 Nick Schermer wrote:

> Did a bit of testing on some of the flags in the article and those
> are a bit annoying:
> 
> -Wdeclaration-after-statement:
> Could be quite hard to fix, with arrays like this:
> gdouble[][6] = { a_bunch_of_numbers_and_brackets };

Not sure I understand...  This:

int
main(int argc, char **argv)
{
    double foo[][6] = { { 3, 4, 5, 6, 7, 8 }, { 1, 2, 3, 4, 5, 6 } };
    return 0;
}

compiles fine with:

-Wall -Wextra -Wdeclaration-after-statement

I just get 3 warnings about foo, argc, and argv being unused, as
expected.

This also appears to be valid:

double bar = 4.4;
double foo[][6] = { { 3, bar, 5, 6, 7, 8 }, { 1, 2, 3, 4, 5, 6 } };

... even with -std=gnu89 or -std=c89, which is interesting... I thought
that kind of initialisation was a C99 thing, but I guess not... tho it
does generate a warning with -pedantic, but I don't really care so
much about that.

> -Wformat-nonliteral:
> Makes g_strdup_printf (format, message); unusable (both variables).
> Same for strftime related functions.

Well, if "format" is a variable from an untrusted source (and not a
string literal), I *do* want a warning thrown, as that could be a
security vulnerability.  If "format" is a variable with format
specifiers constructed by the programmer, then yeah, that's annoying,
but perhaps there's a better way to write that code that's less
ambiguous.

I guess possibly I could leave off -Wformat-nonliteral and replace it
with -Wformat-security.  It's not quite as safe -- you could still
concat a fixed format string with something supplied by the user, and
then supply a single extra argument to printf(), and it would be
unsafe, but get by without a warning, but this is better than nothing.

	-brian



More information about the Xfce4-dev mailing list