hedenface
commented
7 years ago I'm working on a good "Contributors" document for all of the Nagios Open Source projects - one of those steps will include adding yourself to the Thanks document.
Are you able to adjust your PR to include yourself in the THANKS file?
Thanks!
orlitzky
The
syslogfunction takes as its second argument a format string (a laprintf), but if the third parameter is a string, then the format string can be omitted. This has led to security vulnerabilities in the past, and compilers can now warn about it. In particular, GCC has the-Wformat-securityoption, which can be made an error with-Werror=format-security.A few such two-argument calls were present in
src/queue.c, where constant strings were being logged to syslog. This commit adds the second format string parameter (simply%sin this case) to avoid the compiler warnings.More information about format-security can be found in Fedora's FAQ:
https://fedoraproject.org/wiki/Format-Security-FAQ