The remaining warnings generated with -D_FORTIFY_SOURCE=2 are usages of asprintf in src/pacman/util.c. e.g. util.c: In function ‘display_targets’: util.c:533:12: warning: ignoring return value of ‘asprintf’, declared with attribute warn_unused_result What is the best way to deal with these? One idea is: - asprintf(&str, "%s-%s [%.2f MB]", alpm_pkg_get_name(pkg), - alpm_pkg_get_version(pkg), mbsize); + if(asprintf(&str, "%s-%s [%.2f MB]", alpm_pkg_get_name(pkg), + alpm_pkg_get_version(pkg), mbsize) == -1) { + pm_fprintf(stderr, PM_LOG_ERROR, _("failed to allocate string\n")); + } This prints an error, but does not actually bail, on failure of asprintf. This is an improvement over the current code as we would know where the error occurred, but feels wrong not to exit. Note that several of the functions affected return void, so erroring out is not a simple "return -1". So, any ideas on the best way to approach this? Allan