From 45cd40d11a9b5c7c89a3e989acffa0e5f3d0373f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
Date: Sat, 17 Sep 2022 20:08:44 +0200
Subject: [PATCH] Annotate cfg_error with format attribute

Format attributes help compilers to warn on format string misuses, like:

cfg_error(cfg, user_defined_input) // potential security issue
cfg_error(cfg, "foo %d", "bar")

confuse.c:1246:20: warning: format string is not a string literal [-Wformat-nonliteral]
vfprintf(stderr, fmt, ap);
^~~

Guard the annotation with __GNUC__, defined by GCC and Clang, which
support the GNU extension of function format attributes.
---
 src/confuse.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/confuse.h b/src/confuse.h
index a924a00..da669ae 100644
--- a/src/confuse.h
+++ b/src/confuse.h
@@ -770,6 +770,9 @@ DLLIMPORT cfg_errfunc_t __export cfg_set_error_function(cfg_t *cfg, cfg_errfunc_
 /** Show a parser error. Any user-defined error reporting function is called.
 * @see cfg_set_error_function
 */
+#ifdef __GNUC__
+__attribute__((__format__(__printf__, 2, 3)))
+#endif
 DLLIMPORT void __export cfg_error(cfg_t *cfg, const char *fmt, ...);

 /** Returns the option comment
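Review bot: The Doxygen comment above `cfg_error` still does not say that `fmt` is a printf-style format string, so the contract the new attribute enforces is invisible to anyone reading the header or building with a compiler where `__GNUC__` is not defined. I would add a line such as ` * @param fmt printf-style format string; pass untrusted text as cfg_error(cfg, "%s", text), never as fmt itself`. The attribute only produces diagnostics at compile time, and the `cfg_error(cfg, user_defined_input)` case from the commit message is reported by `-Wformat-security` or `-Wformat=2`, not by plain `-Wformat`, so the comment is what protects callers who build without those flags. The user-defined handler of type `cfg_errfunc_t` presumably receives the same `fmt` with a `va_list` (its typedef is outside this hunk); if so, it may be worth annotating it with `__format__(__printf__, 2, 0)` in a follow-up.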