x86/disasm: Do not use format string without format specifiers
The x86 disassembler is updated to avoid using format strings without format specifiers, fixing a build failure with -Werror=format-security.
This patch modifies the x86 disassembler to avoid using format strings without format specifiers, which fixes a build failure when compiling with -Werror=format-security on i686. The patch addresses issue PR binutils/34168.
- proposer
Proposes a patch to fix a build failure due to using format strings without format specifiers.
- other
Suggests dropping the patch on i686, as the issue should be present on all platforms. Also requests mentioning that the patch fixes PR binutils/34168 in the commit log.
“Drop on i686. It should fail with -Werror=format-security on all platforms.”
- other
Agrees to drop the i686-specific fix and include the PR number in the commit message.
“Agree and will do!”
Technical Tradeoffs
- The patch adds format specifiers to existing calls, ensuring that the code remains functional and secure.
In Details
This patch modifies opcodes/i386-dis.c to address a format string vulnerability. The disassembler uses i386_dis_printf to print output, and the patch ensures that format strings are always accompanied by appropriate format specifiers. This resolves a build error triggered by -Werror=format-security.
For Context
A disassembler translates machine code into human-readable assembly language. Format string vulnerabilities occur when a program uses user-controlled input as a format string in functions like printf. This patch fixes such a vulnerability in the x86 disassembler by ensuring that all format strings are properly specified, thereby preventing potential security issues and build failures.