Thread: gtk_message_dialog_new showing literal warning!

  1. 05-15-2012 #1
    Ravi Raj
    Ravi Raj is offline
    Registered User Ravi Raj's Avatar
    Join Date
    May 2012
    Location
    INDIA
    Posts
    43

    gtk_message_dialog_new showing literal warning!

    Hello friends,

    Please have a look to the code below:

    Code:
    void
error_message(const gchar* message)
{
    GtkWidget *dialog;
    
    g_warning("%s", message);
    
    dialog = gtk_message_dialog_new(NULL, GTK_DIALOG_MODAL | GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, message);

    gtk_window_set_title(GTK_WINDOW(dialog), "Program Error!");
    gtk_dialog_run(GTK_DIALOG(dialog));
    gtk_widget_destroy(dialog);
}
    The above given code is showing the following error:
    Code:
    warning: format not a string literal and no format arguments [-Wformat-security]
    in line:
    Code:
    dialog = gtk_message_dialog_new(NULL, GTK_DIALOG_MODAL |  GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_OK,  message);
    near 'message' variable, I don't know where I am wrong.
    Please help.
    Last edited by Ravi Raj; 05-15-2012 at 07:17 AM. Reason: simple code changes
  2. 05-15-2012 #2
    Salem
    Salem is offline
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,659
    It's warning you that you're doing basically the same as this

    Code:
    void foo ( char *message ) {
    printf(message);
}
    If this code is called with a string containing % characters, then it is well and truly broken.
    Get the right mix of % formats, and all sorts of really bad things happen (lookup format string attacks on the web).

    Instead, consider doing something like
    Code:
    dialog = gtk_message_dialog_new(NULL, 
        GTK_DIALOG_MODAL |  GTK_DIALOG_DESTROY_WITH_PARENT, 
        GTK_MESSAGE_ERROR, GTK_BUTTONS_OK,  
        "%s", message);
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
  3. 05-15-2012 #3
    Ravi Raj
    Ravi Raj is offline
    Registered User Ravi Raj's Avatar
    Join Date
    May 2012
    Location
    INDIA
    Posts
    43

    Thanks.

    Quote Originally Posted by Salem View Post
    It's warning you that you're doing basically the same as this

    Code:
    void foo ( char *message ) {
    printf(message);
}
    If this code is called with a string containing % characters, then it is well and truly broken.
    Get the right mix of % formats, and all sorts of really bad things happen (lookup format string attacks on the web).

    Instead, consider doing something like
    Code:
    dialog = gtk_message_dialog_new(NULL, 
        GTK_DIALOG_MODAL |  GTK_DIALOG_DESTROY_WITH_PARENT, 
        GTK_MESSAGE_ERROR, GTK_BUTTONS_OK,  
        "%s", message);
    That solved my problem.
« Previous Thread | Next Thread »
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Modifying a string literal
    By Richardcavell in forum C Programming
    Replies: 3
    Last Post: 02-15-2011, 12:26 AM
  2. string literal assignment
    By @nthony in forum C Programming
    Replies: 1
    Last Post: 03-13-2009, 12:06 PM
  3. Literal UL
    By shani in forum C Programming
    Replies: 4
    Last Post: 02-09-2008, 03:53 PM
  4. use of hex literal constant
    By happycoder in forum C++ Programming
    Replies: 6
    Last Post: 06-07-2003, 11:45 PM
  5. String literal
    By subdene in forum C++ Programming
    Replies: 5
    Last Post: 11-05-2002, 02:10 PM

Tags for this Thread