[packages/afpfs-ng.git] / formatsec.patch

Sent by e-mail to Alex deVries <alexthepuffin@gmail.com>

From 2c76660566d026d430305231e72c259372de4380 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 4 Dec 2013 23:17:10 +0100
Subject: [PATCH] Fix build with -Werror=format-security

Fedora, starting with version 21, will enable this flag in order to limit
potentially insecure uses of format strings. It is required for format strings
to be constant now.
---
 cmdline/cmdline_afp.c     |  4 ++--
 cmdline/cmdline_testafp.c | 12 ++++++------
 fuse/client.c             |  5 +----
 fuse/commands.c           |  4 ++--
 lib/afp_url.c             | 12 ++++++------
 5 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/cmdline/cmdline_afp.c b/cmdline/cmdline_afp.c
index 827150b..59f0977 100644
--- a/cmdline/cmdline_afp.c
+++ b/cmdline/cmdline_afp.c
@@ -828,11 +828,11 @@ int com_status(char * arg)
 	char text[40960];
 
 	afp_status_header(text,&len);
-	printf(text);
+	printf("%s", text);
 
 	len=40960;
 	afp_status_server(server,text,&len);
-	printf(text);
+	printf("%s", text);
 	return 0;
 }
 
diff --git a/cmdline/cmdline_testafp.c b/cmdline/cmdline_testafp.c
index c40f2bd..f887aec 100644
--- a/cmdline/cmdline_testafp.c
+++ b/cmdline/cmdline_testafp.c
@@ -26,12 +26,12 @@ static int test_one_url(char * url_string,
 	struct afp_url valid_url;
 	afp_default_url(&valid_url);
 	valid_url.protocol=protocol;
-	sprintf(valid_url.servername,servername);
-	sprintf(valid_url.volumename,volumename);
-	sprintf(valid_url.path,path);
-	sprintf(valid_url.username,username);
-	sprintf(valid_url.password,password);
-	sprintf(valid_url.uamname,uamname);
+	snprintf(valid_url.servername,sizeof(valid_url.servername),"%s",servername);
+	snprintf(valid_url.volumename,sizeof(valid_url.volumename),"%s",volumename);
+	snprintf(valid_url.path,sizeof(valid_url.path),"%s",path);
+	snprintf(valid_url.username,sizeof(valid_url.username),"%s",username);
+	snprintf(valid_url.password,sizeof(valid_url.password),"%s",password);
+	snprintf(valid_url.uamname,(valid_url.uamname),"%s",uamname);
 	valid_url.port=port;
 
 	if (afp_url_validate(url_string,&valid_url)) 
diff --git a/fuse/client.c b/fuse/client.c
index f795ca6..d19e9ef 100644
--- a/fuse/client.c
+++ b/fuse/client.c
@@ -509,7 +509,6 @@ static int prepare_buffer(int argc, char * argv[])
 int read_answer(int sock) {
 	int len=0, expected_len=0, packetlen;
 	char incoming_buffer[MAX_CLIENT_RESPONSE];
-	char toprint[MAX_CLIENT_RESPONSE+200];
 	struct timeval tv;
 	fd_set rds,ords;
 	int ret;
@@ -546,9 +545,7 @@ int read_answer(int sock) {
 	}
 
 done:
-	memset(toprint,0,MAX_CLIENT_RESPONSE+200);
-	snprintf(toprint,MAX_CLIENT_RESPONSE+200,"%s",incoming_buffer+sizeof(*answer));
-	printf(toprint);
+	printf("%.200s",incoming_buffer+sizeof(*answer));
 	return ((struct afp_server_response *) incoming_buffer)->result;
 
 	return 0;
diff --git a/fuse/commands.c b/fuse/commands.c
index aa7444d..bb06928 100644
--- a/fuse/commands.c
+++ b/fuse/commands.c
@@ -163,6 +163,7 @@ static void fuse_log_for_client(void * priv,
 		len = strlen(c->client_string);
 		snprintf(c->client_string+len,
 			MAX_CLIENT_RESPONSE-len,
+			"%s",
 			message);
 	} else {
 
@@ -468,7 +468,7 @@ static int process_mount(struct fuse_client * c)
 	volume->mapping=req->map;
 	afp_detect_mapping(volume);
 
-	snprintf(volume->mountpoint,255,req->mountpoint);
+	snprintf(volume->mountpoint,255,"%s",req->mountpoint);
 
 	/* Create the new thread and block until we get an answer back */
 	{
diff --git a/lib/afp_url.c b/lib/afp_url.c
index 42bac1c..f152d7b 100644
--- a/lib/afp_url.c
+++ b/lib/afp_url.c
@@ -233,7 +233,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
 		}
 	}
 
-	snprintf(url->servername,strlen(p)+1,p);
+	snprintf(url->servername,strlen(p)+1,"%s",p);
 	if (check_servername(url->servername)) {
 			if (verbose) printf("This isn't a valid servername\n");
 			return -1;
@@ -263,7 +263,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
 	if ((q=escape_strrchr(p,':',":"))) {
 		*q='\0';
 		q++;
-		snprintf(url->password,strlen(q)+1,q);
+		snprintf(url->password,strlen(q)+1,"%s",q);
 		if (check_password(url->password)) {
 			if (verbose) printf("This isn't a valid passwd\n");
 			return -1;
@@ -276,7 +276,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
 	if ((q=strstr(p,";AUTH="))) {
 		*q='\0';
 		q+=6;
-		snprintf(url->uamname,strlen(q)+1,q);
+		snprintf(url->uamname,strlen(q)+1,"%s",q);
 		if (check_uamname(url->uamname)) {
 			if (verbose) printf("This isn't a valid uamname\n");
 			return -1;
@@ -284,7 +284,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
 	}
 
 	if (strlen(p)>0) {
-		snprintf(url->username,strlen(p)+1,p);
+		snprintf(url->username,strlen(p)+1,"%s",p);
 		if (check_username(url->username)) {
 			if (verbose) printf("This isn't a valid username\n");
 			return -1;;
@@ -304,12 +304,12 @@ parse_secondpart:
 		*q='\0';
 		q++;
 	}
-	snprintf(url->volumename,strlen(p)+1,p);
+	snprintf(url->volumename,strlen(p)+1,"%s",p);
 
 
 	if (q) {
 		url->path[0]='/';
-		snprintf(url->path+1,strlen(q)+1,q);
+		snprintf(url->path+1,strlen(q)+1,"%s",q);
 	}
 
 done:
-- 
1.8.4.2
Commit	Line	Data
017a8877 ER	1	Sent by e-mail to Alex deVries <alexthepuffin@gmail.com>
	2
	3	From 2c76660566d026d430305231e72c259372de4380 Mon Sep 17 00:00:00 2001
	4	From: Lubomir Rintel <lkundrak@v3.sk>
	5	Date: Wed, 4 Dec 2013 23:17:10 +0100
	6	Subject: [PATCH] Fix build with -Werror=format-security
	7
	8	Fedora, starting with version 21, will enable this flag in order to limit
	9	potentially insecure uses of format strings. It is required for format strings
	10	to be constant now.
	11	---
	12	cmdline/cmdline_afp.c \| 4 ++--
	13	cmdline/cmdline_testafp.c \| 12 ++++++------
	14	fuse/client.c \| 5 +----
	15	fuse/commands.c \| 4 ++--
	16	lib/afp_url.c \| 12 ++++++------
	17	5 files changed, 17 insertions(+), 20 deletions(-)
	18
	19	diff --git a/cmdline/cmdline_afp.c b/cmdline/cmdline_afp.c
	20	index 827150b..59f0977 100644
	21	--- a/cmdline/cmdline_afp.c
	22	+++ b/cmdline/cmdline_afp.c
	23	@@ -828,11 +828,11 @@ int com_status(char * arg)
	24	char text[40960];
	25
	26	afp_status_header(text,&len);
	27	- printf(text);
	28	+ printf("%s", text);
	29
	30	len=40960;
	31	afp_status_server(server,text,&len);
	32	- printf(text);
	33	+ printf("%s", text);
	34	return 0;
	35	}
	36
	37	diff --git a/cmdline/cmdline_testafp.c b/cmdline/cmdline_testafp.c
	38	index c40f2bd..f887aec 100644
	39	--- a/cmdline/cmdline_testafp.c
	40	+++ b/cmdline/cmdline_testafp.c
	41	@@ -26,12 +26,12 @@ static int test_one_url(char * url_string,
	42	struct afp_url valid_url;
	43	afp_default_url(&valid_url);
	44	valid_url.protocol=protocol;
	45	- sprintf(valid_url.servername,servername);
	46	- sprintf(valid_url.volumename,volumename);
	47	- sprintf(valid_url.path,path);
	48	- sprintf(valid_url.username,username);
	49	- sprintf(valid_url.password,password);
	50	- sprintf(valid_url.uamname,uamname);
	51	+ snprintf(valid_url.servername,sizeof(valid_url.servername),"%s",servername);
	52	+ snprintf(valid_url.volumename,sizeof(valid_url.volumename),"%s",volumename);
	53	+ snprintf(valid_url.path,sizeof(valid_url.path),"%s",path);
	54	+ snprintf(valid_url.username,sizeof(valid_url.username),"%s",username);
	55	+ snprintf(valid_url.password,sizeof(valid_url.password),"%s",password);
	56	+ snprintf(valid_url.uamname,(valid_url.uamname),"%s",uamname);
	57	valid_url.port=port;
	58
	59	if (afp_url_validate(url_string,&valid_url))
	60	diff --git a/fuse/client.c b/fuse/client.c
	61	index f795ca6..d19e9ef 100644
	62	--- a/fuse/client.c
	63	+++ b/fuse/client.c
	64	@@ -509,7 +509,6 @@ static int prepare_buffer(int argc, char * argv[])
65	int read_answer(int sock) {
66	int len=0, expected_len=0, packetlen;
67	char incoming_buffer[MAX_CLIENT_RESPONSE];
68	- char toprint[MAX_CLIENT_RESPONSE+200];
69	struct timeval tv;
70	fd_set rds,ords;
71	int ret;
72	@@ -546,9 +545,7 @@ int read_answer(int sock) {
73	}
74
75	done:
76	- memset(toprint,0,MAX_CLIENT_RESPONSE+200);
77	- snprintf(toprint,MAX_CLIENT_RESPONSE+200,"%s",incoming_buffer+sizeof(*answer));
78	- printf(toprint);
79	+ printf("%.200s",incoming_buffer+sizeof(*answer));
80	return ((struct afp_server_response *) incoming_buffer)->result;
81
82	return 0;
83	diff --git a/fuse/commands.c b/fuse/commands.c
84	index aa7444d..bb06928 100644
85	--- a/fuse/commands.c
86	+++ b/fuse/commands.c
87	@@ -163,6 +163,7 @@ static void fuse_log_for_client(void * priv,
88	len = strlen(c->client_string);
89	snprintf(c->client_string+len,
90	MAX_CLIENT_RESPONSE-len,
91	+ "%s",
92	message);
93	} else {
94
95	@@ -468,7 +468,7 @@ static int process_mount(struct fuse_client * c)
96	volume->mapping=req->map;
97	afp_detect_mapping(volume);
98
99	- snprintf(volume->mountpoint,255,req->mountpoint);
100	+ snprintf(volume->mountpoint,255,"%s",req->mountpoint);
101
102	/* Create the new thread and block until we get an answer back */
103	{
104	diff --git a/lib/afp_url.c b/lib/afp_url.c
105	index 42bac1c..f152d7b 100644
106	--- a/lib/afp_url.c
107	+++ b/lib/afp_url.c
108	@@ -233,7 +233,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
109	}
110	}
111
112	- snprintf(url->servername,strlen(p)+1,p);
113	+ snprintf(url->servername,strlen(p)+1,"%s",p);
114	if (check_servername(url->servername)) {
115	if (verbose) printf("This isn't a valid servername\n");
116	return -1;
117	@@ -263,7 +263,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
118	if ((q=escape_strrchr(p,':',":"))) {
119	*q='\0';
120	q++;
121	- snprintf(url->password,strlen(q)+1,q);
122	+ snprintf(url->password,strlen(q)+1,"%s",q);
123	if (check_password(url->password)) {
124	if (verbose) printf("This isn't a valid passwd\n");
125	return -1;
126	@@ -276,7 +276,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
127	if ((q=strstr(p,";AUTH="))) {
128	*q='\0';
129	q+=6;
130	- snprintf(url->uamname,strlen(q)+1,q);
131	+ snprintf(url->uamname,strlen(q)+1,"%s",q);
132	if (check_uamname(url->uamname)) {
133	if (verbose) printf("This isn't a valid uamname\n");
134	return -1;
135	@@ -284,7 +284,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)
136	}
137
138	if (strlen(p)>0) {
139	- snprintf(url->username,strlen(p)+1,p);
140	+ snprintf(url->username,strlen(p)+1,"%s",p);
141	if (check_username(url->username)) {
142	if (verbose) printf("This isn't a valid username\n");
143	return -1;;
144	@@ -304,12 +304,12 @@ parse_secondpart:
145	*q='\0';
146	q++;
147	}
148	- snprintf(url->volumename,strlen(p)+1,p);
149	+ snprintf(url->volumename,strlen(p)+1,"%s",p);
150
151
152	if (q) {
153	url->path[0]='/';
154	- snprintf(url->path+1,strlen(q)+1,q);
155	+ snprintf(url->path+1,strlen(q)+1,"%s",q);
156	}
157
158	done:
159	--
160	1.8.4.2
161