I turned on the -Wformat-security flag in my makefile and got "format not a string literal and no format arguments" as a warning. Here's one of the lines it refers to.

if (IS_NPC(ch))
            sprintf(name, ch->short_descr);
        else if (!IS_NPC(ch) && IS_AFFECTED(ch,AFF_POLYMORPH))
            sprintf(name, ch->morph);

the sprintf(name,ch->short_descr); is the complaint. Anybody know a way around this? I googled it and saw several mentions of the first part of that warning, the format not a string literal part. But everybody said there was no way around that warning. Any help would be appreciated.

The purpose of that warning is to tell you that by having a string that is not a string literal be in the place of the format string the function can't check against the format string for safety. To correct it, you need to give it a format string that is a string literal.

Example of one of your calls in a corrected form:

sprintf( name, "%s", ch->short_descr );

I'll give that a shot, thanks lobotomy

[edit to add] that fixed them all, thanks again Lobotomy

Well, really, since you're just setting a buffer to a single string value, it makes more sense to just strcpy the string in. Ideally, you would use strncpy to avoid buffer overflows.

bah, too much effort to go back through and undo the fixes since there were problems with just about every file. I'll keep that in mind for the future though, thanks for the suggestion.

Easy enough to fix with a regular expression, but it's not a big problem. Not using strncpy is more of a problem if you're not correctly sanitizing the input to the string assignment.

I just changed operating systems for my coding port and am overloaded with these warnings:) I will fix them as I have time but would rather not stare at the issue every hour.

How do I shut the wformat warning or suppress them?

warning: format not a string literal and no format arguments [-Wformat-security]

Also, I am now getting an error regarding
signals.c: In function checkpointing:
signals.c:107:45: error: REG_EIP undeclared (first use in this function)
signals.c:107:45: note: each undeclared identifier is reported only once for each function it appears in
make: *** [../sloth_obj/signals.o] Error 1

Ive googled it and tried changing the placements, as you can see below:
/* ****************************************************************************
* file: signals.c – signal handling system for SlothMUD . *
* Part of SlothMUD II Copyright (C) 19921 - see 'slicence.doc' and *
* 'licence.doc' for complete details. *
***************************************************************************** */

/* ************************************************************************
* file: signals.c , trapping of signals from Unix. Part of DIKUMUD *
* Usage : Signal Trapping. *
* Copyright (C) 1990, 1991 - see 'license.doc' for complete information. *
************************************************************************* */

#define __USE_GNU
#include <sys/ucontext.h>

#include <signal.h>
#include <stdio.h>
#include <time.h>

#ifndef WIN32
#include <sys/time.h>
#include <execinfo.h>

/* get REG_EIP from ucontext.h */
#include <ucontext.h>
#define __USE_GNU




Any ideas?

Appreciate it,

Does this help?
http://stackoverflow.com/questions/56792...

The mention #define _GNU_SOURCE

Pretty odd error :P

Im not entirely sure what worked, but I installed glibc dev packages and then included the following in the makefile:
-D_GNU_SOURCE


All compiles again, appreciate it. I had seen that link but ignored the cflag idea:(