]>
Commit | Line | Data |
---|---|---|
017a8877 ER |
1 | Sent by e-mail to Alex deVries <alexthepuffin@gmail.com> |
2 | ||
3 | From 2c76660566d026d430305231e72c259372de4380 Mon Sep 17 00:00:00 2001 | |
4 | From: Lubomir Rintel <lkundrak@v3.sk> | |
5 | Date: Wed, 4 Dec 2013 23:17:10 +0100 | |
6 | Subject: [PATCH] Fix build with -Werror=format-security | |
7 | ||
8 | Fedora, starting with version 21, will enable this flag in order to limit | |
9 | potentially insecure uses of format strings. It is required for format strings | |
10 | to be constant now. | |
11 | --- | |
12 | cmdline/cmdline_afp.c | 4 ++-- | |
13 | cmdline/cmdline_testafp.c | 12 ++++++------ | |
14 | fuse/client.c | 5 +---- | |
15 | fuse/commands.c | 4 ++-- | |
16 | lib/afp_url.c | 12 ++++++------ | |
17 | 5 files changed, 17 insertions(+), 20 deletions(-) | |
18 | ||
19 | diff --git a/cmdline/cmdline_afp.c b/cmdline/cmdline_afp.c | |
20 | index 827150b..59f0977 100644 | |
21 | --- a/cmdline/cmdline_afp.c | |
22 | +++ b/cmdline/cmdline_afp.c | |
23 | @@ -828,11 +828,11 @@ int com_status(char * arg) | |
24 | char text[40960]; | |
25 | ||
26 | afp_status_header(text,&len); | |
27 | - printf(text); | |
28 | + printf("%s", text); | |
29 | ||
30 | len=40960; | |
31 | afp_status_server(server,text,&len); | |
32 | - printf(text); | |
33 | + printf("%s", text); | |
34 | return 0; | |
35 | } | |
36 | ||
37 | diff --git a/cmdline/cmdline_testafp.c b/cmdline/cmdline_testafp.c | |
38 | index c40f2bd..f887aec 100644 | |
39 | --- a/cmdline/cmdline_testafp.c | |
40 | +++ b/cmdline/cmdline_testafp.c | |
41 | @@ -26,12 +26,12 @@ static int test_one_url(char * url_string, | |
42 | struct afp_url valid_url; | |
43 | afp_default_url(&valid_url); | |
44 | valid_url.protocol=protocol; | |
45 | - sprintf(valid_url.servername,servername); | |
46 | - sprintf(valid_url.volumename,volumename); | |
47 | - sprintf(valid_url.path,path); | |
48 | - sprintf(valid_url.username,username); | |
49 | - sprintf(valid_url.password,password); | |
50 | - sprintf(valid_url.uamname,uamname); | |
51 | + snprintf(valid_url.servername,sizeof(valid_url.servername),"%s",servername); | |
52 | + snprintf(valid_url.volumename,sizeof(valid_url.volumename),"%s",volumename); | |
53 | + snprintf(valid_url.path,sizeof(valid_url.path),"%s",path); | |
54 | + snprintf(valid_url.username,sizeof(valid_url.username),"%s",username); | |
55 | + snprintf(valid_url.password,sizeof(valid_url.password),"%s",password); | |
56 | + snprintf(valid_url.uamname,(valid_url.uamname),"%s",uamname); | |
57 | valid_url.port=port; | |
58 | ||
59 | if (afp_url_validate(url_string,&valid_url)) | |
60 | diff --git a/fuse/client.c b/fuse/client.c | |
61 | index f795ca6..d19e9ef 100644 | |
62 | --- a/fuse/client.c | |
63 | +++ b/fuse/client.c | |
64 | @@ -509,7 +509,6 @@ static int prepare_buffer(int argc, char * argv[]) | |
65 | int read_answer(int sock) { | |
66 | int len=0, expected_len=0, packetlen; | |
67 | char incoming_buffer[MAX_CLIENT_RESPONSE]; | |
68 | - char toprint[MAX_CLIENT_RESPONSE+200]; | |
69 | struct timeval tv; | |
70 | fd_set rds,ords; | |
71 | int ret; | |
72 | @@ -546,9 +545,7 @@ int read_answer(int sock) { | |
73 | } | |
74 | ||
75 | done: | |
76 | - memset(toprint,0,MAX_CLIENT_RESPONSE+200); | |
77 | - snprintf(toprint,MAX_CLIENT_RESPONSE+200,"%s",incoming_buffer+sizeof(*answer)); | |
78 | - printf(toprint); | |
79 | + printf("%.200s",incoming_buffer+sizeof(*answer)); | |
80 | return ((struct afp_server_response *) incoming_buffer)->result; | |
81 | ||
82 | return 0; | |
83 | diff --git a/fuse/commands.c b/fuse/commands.c | |
84 | index aa7444d..bb06928 100644 | |
85 | --- a/fuse/commands.c | |
86 | +++ b/fuse/commands.c | |
87 | @@ -163,6 +163,7 @@ static void fuse_log_for_client(void * priv, | |
88 | len = strlen(c->client_string); | |
89 | snprintf(c->client_string+len, | |
90 | MAX_CLIENT_RESPONSE-len, | |
91 | + "%s", | |
92 | message); | |
93 | } else { | |
94 | ||
95 | @@ -468,7 +468,7 @@ static int process_mount(struct fuse_client * c) | |
96 | volume->mapping=req->map; | |
97 | afp_detect_mapping(volume); | |
98 | ||
99 | - snprintf(volume->mountpoint,255,req->mountpoint); | |
100 | + snprintf(volume->mountpoint,255,"%s",req->mountpoint); | |
101 | ||
102 | /* Create the new thread and block until we get an answer back */ | |
103 | { | |
104 | diff --git a/lib/afp_url.c b/lib/afp_url.c | |
105 | index 42bac1c..f152d7b 100644 | |
106 | --- a/lib/afp_url.c | |
107 | +++ b/lib/afp_url.c | |
108 | @@ -233,7 +233,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose) | |
109 | } | |
110 | } | |
111 | ||
112 | - snprintf(url->servername,strlen(p)+1,p); | |
113 | + snprintf(url->servername,strlen(p)+1,"%s",p); | |
114 | if (check_servername(url->servername)) { | |
115 | if (verbose) printf("This isn't a valid servername\n"); | |
116 | return -1; | |
117 | @@ -263,7 +263,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose) | |
118 | if ((q=escape_strrchr(p,':',":"))) { | |
119 | *q='\0'; | |
120 | q++; | |
121 | - snprintf(url->password,strlen(q)+1,q); | |
122 | + snprintf(url->password,strlen(q)+1,"%s",q); | |
123 | if (check_password(url->password)) { | |
124 | if (verbose) printf("This isn't a valid passwd\n"); | |
125 | return -1; | |
126 | @@ -276,7 +276,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose) | |
127 | if ((q=strstr(p,";AUTH="))) { | |
128 | *q='\0'; | |
129 | q+=6; | |
130 | - snprintf(url->uamname,strlen(q)+1,q); | |
131 | + snprintf(url->uamname,strlen(q)+1,"%s",q); | |
132 | if (check_uamname(url->uamname)) { | |
133 | if (verbose) printf("This isn't a valid uamname\n"); | |
134 | return -1; | |
135 | @@ -284,7 +284,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose) | |
136 | } | |
137 | ||
138 | if (strlen(p)>0) { | |
139 | - snprintf(url->username,strlen(p)+1,p); | |
140 | + snprintf(url->username,strlen(p)+1,"%s",p); | |
141 | if (check_username(url->username)) { | |
142 | if (verbose) printf("This isn't a valid username\n"); | |
143 | return -1;; | |
144 | @@ -304,12 +304,12 @@ parse_secondpart: | |
145 | *q='\0'; | |
146 | q++; | |
147 | } | |
148 | - snprintf(url->volumename,strlen(p)+1,p); | |
149 | + snprintf(url->volumename,strlen(p)+1,"%s",p); | |
150 | ||
151 | ||
152 | if (q) { | |
153 | url->path[0]='/'; | |
154 | - snprintf(url->path+1,strlen(q)+1,q); | |
155 | + snprintf(url->path+1,strlen(q)+1,"%s",q); | |
156 | } | |
157 | ||
158 | done: | |
159 | -- | |
160 | 1.8.4.2 | |
161 |