Dear Scott Wood,
In message 20110425144518.5a37bd4c@schlenkerla.am.freescale.net you wrote:
Mike Frysinger vapier@gentoo.org wrote:
...
that wasnt what i was saying. my point is simply that changing printf(foo); to printf("%s", foo); simply to satisfy a gcc warning is wrong and unnecessarily bloats the compiled code.
My point was that the warning should stay, until such a time as it's complaining about something that we actually want to do -- I've yet to see an example cited so far that didn't have an easy non-"bloating" fix.
I disagree. "printf(foo);" may be suboptimal but there are cases where I do not want to see a warning about this. Consider for example common/main.c:
115 # ifdef CONFIG_AUTOBOOT_PROMPT 116 printf(CONFIG_AUTOBOOT_PROMPT); 117 # endif
Here we provide a way for a user-defined autoboot prompt message. Some users may just want to provide a plain string - what's wrong with that? [Yes, there are other ways to implement this, but why make it more complicated than necessary?]
Even in a context such as U-Boot, IMHO format-string functions shouldn't be used in such a way -- it may not be a security issue, but it's a potential readability/maintainability issue when it may not be obvious from the other context where the string is defined, that any embedded percent characters must be doubled. It's a different situation from where a string literal is defined right in the context of the format-string function.
Again, I disagree.
Best regards,
Wolfgang Denk