Re: [libvirt] [PATCH] maint: don't permit format strings without %

On Mon, Jul 23, 2012 at 02:37:42PM -0600, Eric Blake wrote: > Any time we have a string with no % passed through gettext, a > translator can inject a % to cause a stack overread. When there > is nothing to format, it's easier to ask for a string that cannot > be used as a formatter, by using a trivial "%s" format instead. > > In the past, we have used --disable-nls to catch some of the > offenders, but that doesn't get run very often, and many more > uses have crept in. Syntax check to the rescue! Also with current GCC, even using '--disable-nls' doesn't produce any errors in this regard, hence why we have so many problems.

ACK