1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/patches/gcc/4.4.3/140-default-format-security.patch Wed May 09 18:17:17 2012 +0200
1.3 @@ -0,0 +1,49 @@
1.4 +diff -durN gcc-4.4.0.orig/gcc/c-common.c gcc-4.4.0/gcc/c-common.c
1.5 +--- gcc-4.4.0.orig/gcc/c-common.c 2009-03-30 19:42:27.000000000 +0200
1.6 ++++ gcc-4.4.0/gcc/c-common.c 2009-05-27 21:38:08.000000000 +0200
1.7 +@@ -301,7 +301,7 @@
1.8 + /* Warn about format/argument anomalies in calls to formatted I/O functions
1.9 + (*printf, *scanf, strftime, strfmon, etc.). */
1.10 +
1.11 +-int warn_format;
1.12 ++int warn_format = 1;
1.13 +
1.14 + /* Warn about using __null (as NULL in C++) as sentinel. For code compiled
1.15 + with GCC this doesn't matter as __null is guaranteed to have the right
1.16 +diff -durN gcc-4.4.0.orig/gcc/c.opt gcc-4.4.0/gcc/c.opt
1.17 +--- gcc-4.4.0.orig/gcc/c.opt 2009-03-18 22:14:53.000000000 +0100
1.18 ++++ gcc-4.4.0/gcc/c.opt 2009-05-27 21:38:08.000000000 +0200
1.19 +@@ -236,7 +236,7 @@
1.20 + Warn about format strings that contain NUL bytes
1.21 +
1.22 + Wformat-security
1.23 +-C ObjC C++ ObjC++ Var(warn_format_security) Warning
1.24 ++C ObjC C++ ObjC++ Var(warn_format_security) Init(1) Warning
1.25 + Warn about possible security problems with format functions
1.26 +
1.27 + Wformat-y2k
1.28 +diff -durN gcc-4.4.0.orig/gcc/doc/invoke.texi gcc-4.4.0/gcc/doc/invoke.texi
1.29 +--- gcc-4.4.0.orig/gcc/doc/invoke.texi 2009-04-01 09:18:47.000000000 +0200
1.30 ++++ gcc-4.4.0/gcc/doc/invoke.texi 2009-05-27 21:38:08.000000000 +0200
1.31 +@@ -2867,6 +2867,9 @@
1.32 + @option{-Wformat-nonliteral}, @option{-Wformat-security}, and
1.33 + @option{-Wformat=2} are available, but are not included in @option{-Wall}.
1.34 +
1.35 ++NOTE: In Gentoo, this option is enabled by default for C, C++, ObjC, ObjC++.
1.36 ++To disable, use @option{-Wformat=0}.
1.37 ++
1.38 + @item -Wformat-y2k
1.39 + @opindex Wformat-y2k
1.40 + @opindex Wno-format-y2k
1.41 +@@ -2920,6 +2923,11 @@
1.42 + in future warnings may be added to @option{-Wformat-security} that are not
1.43 + included in @option{-Wformat-nonliteral}.)
1.44 +
1.45 ++NOTE: In Gentoo, this option is enabled by default for C, C++, ObjC, ObjC++.
1.46 ++To disable, use @option{-Wno-format-security}, or disable all format warnings
1.47 ++with @option{-Wformat=0}. To make format security warnings fatal, specify
1.48 ++@option{-Werror=format-security}.
1.49 ++
1.50 + @item -Wformat=2
1.51 + @opindex Wformat=2
1.52 + @opindex Wno-format=2