+++ This bug was initially created as a clone of Bug #97357 +++ Bug #97357 specifically disables -Wsuggest-attribute warnings. When I added the suggested attributes, I found a possible security vulnerability (Bug #98157) and some other bugs. We should enable these compiler warnings, and let the compiler help us.
Testing <https://github.com/smcv/dbus/tree/suggest-attribute> on Travis-CI.
Some of these patches assume that the patches from Bug #97357 are applied first.
Created attachment 127185 [details] [review] _dbus_listen_tcp_socket: correct format string res is an integer, not a string. Bug found by adding more _DBUS_GNUC_PRINTF attributes.
Created attachment 127186 [details] [review] dbus_signature_validate: be sure to use a literal format string This was not a security vulnerability because _dbus_validity_to_error_message() doesn't return anything containing "%", but the compiler can't know that. Found by adding more _DBUS_GNUC_PRINTF attributes.
Created attachment 127187 [details] [review] dbus-nonce: print sockets correctly Since early 2015, a DBusSocket has been a struct containing either an int or a pointer-sized Windows SOCKET. Print them with "%" DBUS_SOCKET_FORMAT and _dbus_socket_printable().
Created attachment 127188 [details] [review] Print errors parsing match rules correctly Not an exploitable vulnerability, just incorrect output.
Created attachment 127189 [details] [review] Print XML parse errors correctly
Created attachment 127190 [details] [review] dbus-file-win: print a HANDLE correctly HANDLEs are pointers, not integers.
Created attachment 127191 [details] [review] dbus-launch-x11: print a window ID portably On LP64 platforms, a Window is unsigned long.
Created attachment 127192 [details] [review] test-privserver: avoid -Wformat-security This is not a security vulnerability because it's test code that should never be compiled in production.
Created attachment 127193 [details] [review] test-segfault: mark exception_handler as NORETURN It calls ExitProcess(), which is correctly detected as not returning.
Created attachment 127194 [details] [review] Enable format, noreturn, unused attributes for clang I'm assuming here that any version of clang will be new enough to understand gcc 2.4 features, which seems rather safe.
Created attachment 127195 [details] [review] Add missing format attributes suggested by -Wsuggest-attribute=format
Created attachment 127196 [details] [review] Add missing function attributes suggested by clang (but not by gcc) clang is a little more enthusiastic about suggesting these.
Created attachment 127197 [details] [review] Configure the compiler to suggest useful function attributes --- Requires Attachment #127179 [details] from Bug #97357.
Timed out, pushed unreviewed for 1.11.8. Please revert anything that is problematic.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.