Created attachment 188583 [details] Correct oversight of wrong format string with fewer arguments. fmtcheck(3) misjudges some format strings as valid when they have fewer arguments than default format strings have: ---- % uname -a FreeBSD freebsd 12.0-CURRENT FreeBSD 12.0-CURRENT #0 r325595: Thu Nov 9 16:03:47 UTC 2017 root@releng3.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 % cat test.c #include <stdio.h> int main() { const char *s1 = "One argument: %d", *s2 = "Two arguments: %d %d"; printf("%s\n", fmtcheck(s1, s2)); printf("%s\n", fmtcheck(s2, s1)); } % cc test.c && ./a.out One argument: %d One argument: %d ---- Here, the first line should be "Two arguments: %d %d". Please apply the attached patch, which has been committed to NetBSD by myself: http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fmtcheck.c#rev1.11
Sorry the patch posted here has been reverted in NetBSD. It turned out that some applications depends on the current behavior; they assume that fmtcheck(3) does not complain unused trailing arguments. The description in manpage is misleading. I will send a patch as soon as it gets committed to NetBSD.