* c-common.c (warn_format_security): New variable.

	(check_format_info): Warn about non-literal formats with no format
	arguments if either -Wformat-nonliteral or -Wformat-security is
	specified.
	(set_Wformat): Set warn_format_security for settings other than 1.
	* c-common.h (warn_format_security): Declare.
	* c-decl.c (c_decode_option): Decode -Wformat-security and
	-Wno-format-security.
	* invoke.texi: Document -Wformat-security.
	* toplev.c (documented_lang_options): Include -Wformat-security
	and -Wno-format-security.

cp:
	* decl2.c (lang_decode_option): Handle -Wformat-security.

testsuite:
	* format-sec-1.c: New test.


git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@38106 138bc75d-0d04-0410-961f-82ee72b054a4

1 files changed, 9 insertions, 2 deletions

diff --git a/gcc/c-common.c b/gcc/c-common.c
index 5e7666a08b3..2baba027a1f 100644
--- a/gcc/c-common.c
+++ b/gcc/c-common.c
@@ -193,6 +193,10 @@ int warn_format_extra_args;
 
 int warn_format_nonliteral;
 
+/* Warn about possible security problems with calls to format functions.  */
+
+int warn_format_security;
+
 /* Nonzero means warn about possible violations of sequence point rules.  */
 
 int warn_sequence_point;
@@ -2363,7 +2367,7 @@ check_format_info (status, info, params)
 	      params = TREE_CHAIN (params);
 	      ++arg_num;
 	    }
-	  if (params == 0 && warn_format_nonliteral)
+	  if (params == 0 && (warn_format_nonliteral || warn_format_security))
 	    status_warning (status, "format not a string literal and no format arguments");
 	  else if (warn_format_nonliteral)
 	    status_warning (status, "format not a string literal, argument types not checked");
@@ -3401,7 +3405,10 @@ set_Wformat (setting)
   warn_format_y2k = setting;
   warn_format_extra_args = setting;
   if (setting != 1)
-    warn_format_nonliteral = setting;
+    {
+      warn_format_nonliteral = setting;
+      warn_format_security = setting;
+    }
 }
 
 /* Print a warning if a constant expression had overflow in folding.