depends bdb -Werror=format-security "format not a string literal and no format arguments" #25211

issue ryanofsky opened this issue on May 25, 2022

ryanofsky commented at 3:10 PM on May 25, 2022: contributor

Running make -C depends on nixos with gcc 10.3.0 results in

libtool: compile:  gcc -c -I. -I../dist/./.. -I/home/russ/work/bitcoin/depends/x86_64-pc-linux-gnu/include -D_GNU_SOURCE -D_REENTRANT -pipe -O2 -Wno-error=implicit-function-declaration ../dist/./../txn/txn.c  -fPIC -DPIC -o txn.o
../dist/./../txn/txn.c: In function ‘__txn_begin’:
../dist/./../txn/txn.c:171:3: error: format not a string literal and no format arguments [-Werror=format-security]
  171 |   __db_errx(env, TxnAlloc);
      |   ^~~~~~~~~
../dist/./../txn/txn.c: In function ‘__txn_compensate_begin’:
../dist/./../txn/txn.c:318:3: error: format not a string literal and no format arguments [-Werror=format-security]
  318 |   __db_errx(env, TxnAlloc);
      |   ^~~~~~~~~
cc1: some warnings being treated as errors
make[1]: *** [Makefile:1980: txn.o] Error 1
make[1]: Leaving directory '/home/russ/work/bitcoin/depends/work/build/x86_64-pc-linux-gnu/bdb/4.8.30-1205703c56a/build_unix'
make: *** [funcs.mk:288: /home/russ/work/bitcoin/depends/work/build/x86_64-pc-linux-gnu/bdb/4.8.30-1205703c56a/build_unix/.stamp_built] Error 2
make: Leaving directory '/home/russ/work/bitcoin/depends'

I could work around it with

diff --git a/depends/packages/bdb.mk b/depends/packages/bdb.mk
index dc536fd3991..b69276cb154 100644
--- a/depends/packages/bdb.mk
+++ b/depends/packages/bdb.mk
@@ -14,7 +14,7 @@ $(package)_config_opts_freebsd=--with-pic
 $(package)_config_opts_netbsd=--with-pic
 $(package)_config_opts_openbsd=--with-pic
 $(package)_config_opts_android=--with-pic
-$(package)_cflags+=-Wno-error=implicit-function-declaration
+$(package)_cflags+=-Wno-error=implicit-function-declaration -Wno-error=format-security
 $(package)_cxxflags+=-std=c++17
 $(package)_cppflags_mingw32=-DUNICODE -D_UNICODE
 endef

But I don't know if this is the right fix or if there possibly is a real bug in the code causing the warning.

ryanofsky added the label Bug on May 25, 2022
laanwj commented at 6:57 AM on May 26, 2022: member
What is adding -Werror in the first place?

Edit: Oh, BerkeleyDB's build system does?

FWIW, for zeromq we explicitly disable Werror, maybe it makes sense here too:
```
depends/packages/zeromq.mk:  $(package)_config_opts += --disable-Werror --disable-drafts --enable-option-checking
```
laanwj added the label Build system on May 26, 2022
ryanofsky commented at 2:30 PM on May 26, 2022: contributor

I think in general it is good to disable Werror for any kind of external packaging. Internally, since we do care very much about dependencies though, it maybe be good to let some warnings trigger errors, particularly security warnings like this one.

In this case it's probably worth looking into the warning to see if it's real. I believe this warning is about printing a c string with printf(c_str) instead of printf("%s", c_str), which can be a bad thing to do.
fanquake commented at 11:46 AM on July 29, 2022: member

I could work around it with

I think in this case your suggested patch is the best fix, assuming there's no other warnings causing Werror to blow up in your nix build. I think it's unlikey that we'd patch bdb at this point.
fanquake referenced this in commit b46c6ec52e on Aug 1, 2022
fanquake closed this on Aug 2, 2022
fanquake referenced this in commit eb72f6323d on Aug 2, 2022
sidhujag referenced this in commit 65fc37459b on Aug 2, 2022
Rspigler referenced this in commit b997a6c62a on Aug 21, 2022
fanquake referenced this in commit c14f3b3905 on Apr 18, 2023
bitcoin locked this on Aug 2, 2023

Contributors

Labels

Linked (view graph)

#25763 bdb: disable Werror for format-security