[packages/poldek.git] / poldek-Werror-format-security.patch

diff -ur poldek-0.30/cli/ls.c poldek-0.30-Werror-format-security/cli/ls.c
--- poldek-0.30/cli/ls.c	2012-09-10 13:00:43.301558181 +0200
+++ poldek-0.30-Werror-format-security/cli/ls.c	2012-09-10 13:00:07.921559430 +0200
@@ -98,7 +98,7 @@
     switch (key) {
         case 'l':
             if (cmdctx->_flags & OPT_LS_GROUP) {
-                logn(LOGERR, errmsg_excl);
+                logn(LOGERR, "%s", errmsg_excl);
                 return EINVAL;
             }
             
@@ -111,7 +111,7 @@
 
         case 'G':
             if (cmdctx->_flags & OPT_LS_LONG || cmdctx->_flags & OPT_LS_SOURCERPM) {
-                logn(LOGERR, errmsg_excl);
+                logn(LOGERR, "%s", errmsg_excl);
                 return EINVAL;
             }
 
@@ -120,7 +120,7 @@
 
         case 's':
             if (cmdctx->_flags & OPT_LS_LONG || cmdctx->_flags & OPT_LS_GROUP) {
-                logn(LOGERR, errmsg_excl);
+                logn(LOGERR, "%s", errmsg_excl);
                 return EINVAL;
             }
 
@@ -426,7 +426,7 @@
 static
 int do_ls(const tn_array *ents, struct cmdctx *cmdctx, const tn_array *evrs)
 {
-    char                 hdr[256], fmt_hdr[256], fmt_pkg[256];
+    char                 hdr[256];
     int                  i, size, err = 0, npkgs = 0;
     register int         incstep = 0;
     int                  term_width, term_width_div2;
@@ -443,44 +443,32 @@
     *hdr = '\0';
 
     if (flags & OPT_LS_GROUP || flags & OPT_LS_SOURCERPM) {
-        snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds%%-%ds\n",
-                 term_width_div2 + term_width_div2/10, (term_width/7));
-
-        snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds %%-%ds\n",
-                 term_width_div2 + term_width_div2/10 - 1, (term_width/7));
-
 	if (flags & OPT_LS_GROUP)
-	    snprintf(hdr, sizeof(hdr), fmt_hdr, _("package"), _("group"));
+	    snprintf(hdr, sizeof(hdr), "%-*s%-*s\n",
+		term_width_div2 + term_width_div2/10, _("package"), (term_width/7), _("group"));
         else
-	    snprintf(hdr, sizeof(hdr), fmt_hdr, _("package"), _("source rpm"));
+	    snprintf(hdr, sizeof(hdr), "%-*s%-*s\n",
+		term_width_div2 + term_width_div2/10, _("package"), (term_width/7), _("source rpm"));
     } else if (flags & OPT_LS_LONG) {
         if ((flags & OPT_LS_UPGRADEABLE) == 0) {
-            snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds %%-%ds%%%ds\n",
-                     term_width_div2 + term_width_div2/10, (term_width/7),
-                     (term_width/8) + 2);
-            
-            snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds %%%ds %%%ds\n",
-                     term_width_div2 + term_width_div2/10, (term_width/7),
-                     (term_width/8));
-            snprintf(hdr, sizeof(hdr), fmt_hdr,
-                     _("package"), _("build date"), _("size"));
-
+            snprintf(hdr, sizeof(hdr), "%-*s %-*s%*s\n",
+		     term_width_div2 + term_width_div2/10, _("package"),
+		     (term_width/7), _("build date"),
+		     (term_width/8) + 2, _("size"));
             
         } else {
-            snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds%%-%ds %%-%ds%%%ds\n",
-                     (term_width/2) - 1, (term_width/6) - 1,
-                     (term_width/6) - 1, (term_width/6) - 1);
-
-            snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds%%-%ds %%-%ds %%%ds\n",
-                     (term_width/2) - 1, (term_width/6) - 1,
-                     (term_width/6) - 1, (term_width/6) - 1);
-            
             if (flags & OPT_LS_INSTALLED) 
-                snprintf(hdr, sizeof(hdr), fmt_hdr, _("installed"),
-                         _("available"), _("build date"), _("size"));
+                snprintf(hdr, sizeof(hdr), "%-*s%-*s %-*s%*s\n",
+			 (term_width/2) - 1, _("installed"),
+                         (term_width/6) - 1, _("available"),
+			 (term_width/6) - 1, _("build date"),
+			 (term_width/6) - 1, _("size"));
             else
-                snprintf(hdr, sizeof(hdr), fmt_hdr, _("available"),
-                         _("installed"), _("build date"), _("size"));
+                snprintf(hdr, sizeof(hdr), "%-*s%-*s %-*s%*s\n",
+			 (term_width/2) - 1, _("available"),
+                         (term_width/6) - 1, _("installed"),
+			 (term_width/6) - 1, _("build date"),
+			 (term_width/6) - 1, _("size"));
         }
     }
     
@@ -520,11 +508,15 @@
 
         if (flags & OPT_LS_GROUP) {
             const char *group = pkg_group(pkg);
-            cmdctx_printf(cmdctx, fmt_pkg, pkg_name, group ? group : "(unset)");
+            cmdctx_printf(cmdctx, "%-*s %-*s\n",
+			  term_width_div2 + term_width_div2/10 - 1, pkg_name,
+			  (term_width/7), group ? group : "(unset)");
 	}
         else if (flags & OPT_LS_SOURCERPM) {
             const char *srcrpm = pkg_srcfilename_s(pkg);
-            cmdctx_printf(cmdctx, fmt_pkg, pkg_name, srcrpm ? srcrpm : "(unset)");
+            cmdctx_printf(cmdctx, "%-*s %-*s\n",
+			  term_width_div2 + term_width_div2/10 - 1, pkg_name,
+			  (term_width/7), srcrpm ? srcrpm : "(unset)");
         
         } else if (flags & OPT_LS_QUERYFMT) {
 	    char *queryfmt = NULL;
@@ -553,11 +545,19 @@
                 *timbuf = '\0';
             
             if ((flags & OPT_LS_UPGRADEABLE) == 0) {
-                cmdctx_printf(cmdctx, fmt_pkg, pkg_name, timbuf, sizbuf);
+                cmdctx_printf(cmdctx, "%-*s %*s %*s\n",
+			      term_width_div2 + term_width_div2/10, pkg_name,
+			      (term_width/7), timbuf,
+			      (term_width/8), sizbuf);
                 
             } else if (evrs) {
                 const char *evr = n_array_nth(evrs, i);
-                cmdctx_printf(cmdctx, fmt_pkg, pkg_name, evr, timbuf, sizbuf);
+                cmdctx_printf(cmdctx, "%-*s%-*s %-*s %*s\n",
+			      (term_width/2) - 1, pkg_name,
+			      (term_width/6) - 1, evr,
+			      (term_width/6) - 1, timbuf,
+			      (term_width/6) - 1, sizbuf);
+            
             }
             size += pkg->size/1024;
             
diff -ur poldek-0.30/misc.c poldek-0.30-Werror-format-security/misc.c
--- poldek-0.30/misc.c	2012-03-20 21:41:46.000000000 +0100
+++ poldek-0.30-Werror-format-security/misc.c	2012-09-10 12:40:04.314935221 +0200
@@ -421,7 +421,7 @@
     }
     
     if (strcmp(name, "HOME") == 0 && (pw = getpwuid(getuid()))) {
-        snprintf(dest, size, pw->pw_dir);
+        snprintf(dest, size, "%s", pw->pw_dir);
         val = dest;
     }
 
diff -ur poldek-0.30/vfile/vfetch.c poldek-0.30-Werror-format-security/vfile/vfetch.c
--- poldek-0.30/vfile/vfetch.c	2012-03-20 21:41:46.000000000 +0100
+++ poldek-0.30-Werror-format-security/vfile/vfetch.c	2012-09-10 12:39:17.968270190 +0200
@@ -323,7 +323,7 @@
         } else {            /* redirected */
             char url[PATH_MAX];
                 
-            snprintf(url, sizeof(url), req->url);
+            snprintf(url, sizeof(url), "%s", req->url);
             vf_request_free(req);
             req = NULL;
             rc = vf_fetch(url, destdir, flags, NULL, NULL);
diff -ur poldek-0.30/vfile/vfff/http.c poldek-0.30-Werror-format-security/vfile/vfff/http.c
--- poldek-0.30/vfile/vfff/http.c	2012-09-10 13:00:43.288224848 +0200
+++ poldek-0.30-Werror-format-security/vfile/vfff/http.c	2012-09-10 12:38:24.014938759 +0200
@@ -846,7 +846,7 @@
     if (HTTP_STATUS_IS_REDIR(resp->code)) {
         const char *redirto = http_resp_get_hdr(resp, "location");
         if (redirto && *redirto != '\0') 
-            snprintf(rreq->redirected_to, sizeof(rreq->redirected_to), redirto);
+            snprintf(rreq->redirected_to, sizeof(rreq->redirected_to), "%s", redirto);
         else 
             vfff_set_err(ENOENT, "wrong or empty redirect location");
         
diff -ur poldek-0.30/vfile/vfile.c poldek-0.30-Werror-format-security/vfile/vfile.c
--- poldek-0.30/vfile/vfile.c	2012-03-20 21:41:46.000000000 +0100
+++ poldek-0.30-Werror-format-security/vfile/vfile.c	2012-09-10 12:38:47.601604593 +0200
@@ -561,7 +561,7 @@
         n_assert(vf_url_type(vf->vf_path) & VFURL_LOCAL);
         if (vf_decompressable(vf->vf_path, NULL, 0)) {
             char src[PATH_MAX], *p;
-            snprintf(src, sizeof(src), vf->vf_path);
+            snprintf(src, sizeof(src), "%s", vf->vf_path);
             p = strrchr(src, '.');
             n_assert(p);
             *p = '\0';
Commit	Line	Data
4ee7e053 JR	1	diff -ur poldek-0.30/cli/ls.c poldek-0.30-Werror-format-security/cli/ls.c
	2	--- poldek-0.30/cli/ls.c 2012-09-10 13:00:43.301558181 +0200
	3	+++ poldek-0.30-Werror-format-security/cli/ls.c 2012-09-10 13:00:07.921559430 +0200
	4	@@ -98,7 +98,7 @@
	5	switch (key) {
	6	case 'l':
	7	if (cmdctx->_flags & OPT_LS_GROUP) {
	8	- logn(LOGERR, errmsg_excl);
	9	+ logn(LOGERR, "%s", errmsg_excl);
	10	return EINVAL;
	11	}
	12
	13	@@ -111,7 +111,7 @@
	14
	15	case 'G':
	16	if (cmdctx->_flags & OPT_LS_LONG \|\| cmdctx->_flags & OPT_LS_SOURCERPM) {
	17	- logn(LOGERR, errmsg_excl);
	18	+ logn(LOGERR, "%s", errmsg_excl);
	19	return EINVAL;
	20	}
	21
	22	@@ -120,7 +120,7 @@
	23
	24	case 's':
	25	if (cmdctx->_flags & OPT_LS_LONG \|\| cmdctx->_flags & OPT_LS_GROUP) {
	26	- logn(LOGERR, errmsg_excl);
	27	+ logn(LOGERR, "%s", errmsg_excl);
	28	return EINVAL;
	29	}
	30
	31	@@ -426,7 +426,7 @@
	32	static
	33	int do_ls(const tn_array ents, struct cmdctx cmdctx, const tn_array *evrs)
	34	{
	35	- char hdr[256], fmt_hdr[256], fmt_pkg[256];
	36	+ char hdr[256];
	37	int i, size, err = 0, npkgs = 0;
	38	register int incstep = 0;
	39	int term_width, term_width_div2;
	40	@@ -443,44 +443,32 @@
	41	*hdr = '\0';
	42
	43	if (flags & OPT_LS_GROUP \|\| flags & OPT_LS_SOURCERPM) {
	44	- snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds%%-%ds\n",
	45	- term_width_div2 + term_width_div2/10, (term_width/7));
	46	-
	47	- snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds %%-%ds\n",
	48	- term_width_div2 + term_width_div2/10 - 1, (term_width/7));
	49	-
	50	if (flags & OPT_LS_GROUP)
	51	- snprintf(hdr, sizeof(hdr), fmt_hdr, _("package"), _("group"));
	52	+ snprintf(hdr, sizeof(hdr), "%-s%-s\n",
	53	+ term_width_div2 + term_width_div2/10, _("package"), (term_width/7), _("group"));
	54	else
	55	- snprintf(hdr, sizeof(hdr), fmt_hdr, _("package"), _("source rpm"));
	56	+ snprintf(hdr, sizeof(hdr), "%-s%-s\n",
	57	+ term_width_div2 + term_width_div2/10, _("package"), (term_width/7), _("source rpm"));
	58	} else if (flags & OPT_LS_LONG) {
	59	if ((flags & OPT_LS_UPGRADEABLE) == 0) {
	60	- snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds %%-%ds%%%ds\n",
	61	- term_width_div2 + term_width_div2/10, (term_width/7),
	62	- (term_width/8) + 2);
	63	-
	64	- snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds %%%ds %%%ds\n",
65	- term_width_div2 + term_width_div2/10, (term_width/7),
66	- (term_width/8));
67	- snprintf(hdr, sizeof(hdr), fmt_hdr,
68	- _("package"), _("build date"), _("size"));
69	-
70	+ snprintf(hdr, sizeof(hdr), "%-s %-s%*s\n",
71	+ term_width_div2 + term_width_div2/10, _("package"),
72	+ (term_width/7), _("build date"),
73	+ (term_width/8) + 2, _("size"));
74
75	} else {
76	- snprintf(fmt_hdr, sizeof(fmt_hdr), "%%-%ds%%-%ds %%-%ds%%%ds\n",
77	- (term_width/2) - 1, (term_width/6) - 1,
78	- (term_width/6) - 1, (term_width/6) - 1);
79	-
80	- snprintf(fmt_pkg, sizeof(fmt_pkg), "%%-%ds%%-%ds %%-%ds %%%ds\n",
81	- (term_width/2) - 1, (term_width/6) - 1,
82	- (term_width/6) - 1, (term_width/6) - 1);
83	-
84	if (flags & OPT_LS_INSTALLED)
85	- snprintf(hdr, sizeof(hdr), fmt_hdr, _("installed"),
86	- _("available"), _("build date"), _("size"));
87	+ snprintf(hdr, sizeof(hdr), "%-s%-s %-s%s\n",
88	+ (term_width/2) - 1, _("installed"),
89	+ (term_width/6) - 1, _("available"),
90	+ (term_width/6) - 1, _("build date"),
91	+ (term_width/6) - 1, _("size"));
92	else
93	- snprintf(hdr, sizeof(hdr), fmt_hdr, _("available"),
94	- _("installed"), _("build date"), _("size"));
95	+ snprintf(hdr, sizeof(hdr), "%-s%-s %-s%s\n",
96	+ (term_width/2) - 1, _("available"),
97	+ (term_width/6) - 1, _("installed"),
98	+ (term_width/6) - 1, _("build date"),
99	+ (term_width/6) - 1, _("size"));
100	}
101	}
102
103	@@ -520,11 +508,15 @@
104
105	if (flags & OPT_LS_GROUP) {
106	const char *group = pkg_group(pkg);
107	- cmdctx_printf(cmdctx, fmt_pkg, pkg_name, group ? group : "(unset)");
108	+ cmdctx_printf(cmdctx, "%-s %-s\n",
109	+ term_width_div2 + term_width_div2/10 - 1, pkg_name,
110	+ (term_width/7), group ? group : "(unset)");
111	}
112	else if (flags & OPT_LS_SOURCERPM) {
113	const char *srcrpm = pkg_srcfilename_s(pkg);
114	- cmdctx_printf(cmdctx, fmt_pkg, pkg_name, srcrpm ? srcrpm : "(unset)");
115	+ cmdctx_printf(cmdctx, "%-s %-s\n",
116	+ term_width_div2 + term_width_div2/10 - 1, pkg_name,
117	+ (term_width/7), srcrpm ? srcrpm : "(unset)");
118
119	} else if (flags & OPT_LS_QUERYFMT) {
120	char *queryfmt = NULL;
121	@@ -553,11 +545,19 @@
122	*timbuf = '\0';
123
124	if ((flags & OPT_LS_UPGRADEABLE) == 0) {
125	- cmdctx_printf(cmdctx, fmt_pkg, pkg_name, timbuf, sizbuf);
126	+ cmdctx_printf(cmdctx, "%-s %s %*s\n",
127	+ term_width_div2 + term_width_div2/10, pkg_name,
128	+ (term_width/7), timbuf,
129	+ (term_width/8), sizbuf);
130
131	} else if (evrs) {
132	const char *evr = n_array_nth(evrs, i);
133	- cmdctx_printf(cmdctx, fmt_pkg, pkg_name, evr, timbuf, sizbuf);
134	+ cmdctx_printf(cmdctx, "%-s%-s %-s %s\n",
135	+ (term_width/2) - 1, pkg_name,
136	+ (term_width/6) - 1, evr,
137	+ (term_width/6) - 1, timbuf,
138	+ (term_width/6) - 1, sizbuf);
139	+
140	}
141	size += pkg->size/1024;
142
143	diff -ur poldek-0.30/misc.c poldek-0.30-Werror-format-security/misc.c
144	--- poldek-0.30/misc.c 2012-03-20 21:41:46.000000000 +0100
145	+++ poldek-0.30-Werror-format-security/misc.c 2012-09-10 12:40:04.314935221 +0200
146	@@ -421,7 +421,7 @@
147	}
148
149	if (strcmp(name, "HOME") == 0 && (pw = getpwuid(getuid()))) {
150	- snprintf(dest, size, pw->pw_dir);
151	+ snprintf(dest, size, "%s", pw->pw_dir);
152	val = dest;
153	}
154
155	diff -ur poldek-0.30/vfile/vfetch.c poldek-0.30-Werror-format-security/vfile/vfetch.c
156	--- poldek-0.30/vfile/vfetch.c 2012-03-20 21:41:46.000000000 +0100
157	+++ poldek-0.30-Werror-format-security/vfile/vfetch.c 2012-09-10 12:39:17.968270190 +0200
158	@@ -323,7 +323,7 @@
159	} else { /* redirected */
160	char url[PATH_MAX];
161
162	- snprintf(url, sizeof(url), req->url);
163	+ snprintf(url, sizeof(url), "%s", req->url);
164	vf_request_free(req);
165	req = NULL;
166	rc = vf_fetch(url, destdir, flags, NULL, NULL);
167	diff -ur poldek-0.30/vfile/vfff/http.c poldek-0.30-Werror-format-security/vfile/vfff/http.c
168	--- poldek-0.30/vfile/vfff/http.c 2012-09-10 13:00:43.288224848 +0200
169	+++ poldek-0.30-Werror-format-security/vfile/vfff/http.c 2012-09-10 12:38:24.014938759 +0200
170	@@ -846,7 +846,7 @@
171	if (HTTP_STATUS_IS_REDIR(resp->code)) {
172	const char *redirto = http_resp_get_hdr(resp, "location");
173	if (redirto && *redirto != '\0')
174	- snprintf(rreq->redirected_to, sizeof(rreq->redirected_to), redirto);
175	+ snprintf(rreq->redirected_to, sizeof(rreq->redirected_to), "%s", redirto);
176	else
177	vfff_set_err(ENOENT, "wrong or empty redirect location");
178
179	diff -ur poldek-0.30/vfile/vfile.c poldek-0.30-Werror-format-security/vfile/vfile.c
180	--- poldek-0.30/vfile/vfile.c 2012-03-20 21:41:46.000000000 +0100
181	+++ poldek-0.30-Werror-format-security/vfile/vfile.c 2012-09-10 12:38:47.601604593 +0200
182	@@ -561,7 +561,7 @@
183	n_assert(vf_url_type(vf->vf_path) & VFURL_LOCAL);
184	if (vf_decompressable(vf->vf_path, NULL, 0)) {
185	char src[PATH_MAX], *p;
186	- snprintf(src, sizeof(src), vf->vf_path);
187	+ snprintf(src, sizeof(src), "%s", vf->vf_path);
188	p = strrchr(src, '.');
189	n_assert(p);
190	*p = '\0';