| Andrew Geissler | 595f630 | 2022-01-24 19:11:47 +0000 | [diff] [blame] | 1 | From a5c8e2676b94d2ea41b44b4e05943bee6459f337 Mon Sep 17 00:00:00 2001 |
| 2 | From: Khem Raj <raj.khem@gmail.com> |
| 3 | Date: Sat, 30 Oct 2021 09:46:35 -0700 |
| 4 | Subject: [PATCH] libsinsp: Fix a lot of -Werror=format-security errors with |
| 5 | mvprintw/mvwprintw |
| 6 | |
| 7 | In all these places a non-constant is used as a format string which |
| 8 | compiler complains about. Fix by using "%s" as format. |
| 9 | |
| 10 | Upstream-Status: Pending |
| 11 | |
| 12 | Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| 13 | --- |
| 14 | userspace/libsinsp/cursescomponents.cpp | 4 ++-- |
| 15 | userspace/libsinsp/cursesspectro.cpp | 2 +- |
| 16 | userspace/libsinsp/cursestable.cpp | 6 +++--- |
| 17 | userspace/libsinsp/cursesui.cpp | 14 +++++++------- |
| 18 | 4 files changed, 13 insertions(+), 13 deletions(-) |
| 19 | |
| 20 | diff --git a/userspace/libsinsp/cursescomponents.cpp b/userspace/libsinsp/cursescomponents.cpp |
| 21 | index 4003cb4e..372b4526 100644 |
| 22 | --- a/userspace/libsinsp/cursescomponents.cpp |
| 23 | +++ b/userspace/libsinsp/cursescomponents.cpp |
| 24 | @@ -877,7 +877,7 @@ void curses_textbox::print_no_data() |
| 25 | string wstr = "No Data For This Selection"; |
| 26 | mvprintw(m_parent->m_screenh / 2, |
| 27 | m_parent->m_screenw / 2 - wstr.size() / 2, |
| 28 | - wstr.c_str()); |
| 29 | + "%s", wstr.c_str()); |
| 30 | |
| 31 | refresh(); |
| 32 | } |
| 33 | @@ -1100,7 +1100,7 @@ void curses_textbox::render() |
| 34 | attrset(m_parent->m_colors[sinsp_cursesui::LARGE_NUMBER]); |
| 35 | mvprintw(0, |
| 36 | m_parent->m_screenw / 2 - wstr.size() / 2, |
| 37 | - wstr.c_str()); |
| 38 | + "%s", wstr.c_str()); |
| 39 | } |
| 40 | |
| 41 | // |
| 42 | diff --git a/userspace/libsinsp/cursesspectro.cpp b/userspace/libsinsp/cursesspectro.cpp |
| 43 | index 6858bc95..32012963 100644 |
| 44 | --- a/userspace/libsinsp/cursesspectro.cpp |
| 45 | +++ b/userspace/libsinsp/cursesspectro.cpp |
| 46 | @@ -227,7 +227,7 @@ void curses_spectro::print_error(string wstr) |
| 47 | mvwprintw(m_tblwin, |
| 48 | m_parent->m_screenh / 2, |
| 49 | m_parent->m_screenw / 2 - wstr.size() / 2, |
| 50 | - wstr.c_str()); |
| 51 | + "%s", wstr.c_str()); |
| 52 | } |
| 53 | |
| 54 | void curses_spectro::update_data(vector<sinsp_sample_row>* data, bool force_selection_change) |
| 55 | diff --git a/userspace/libsinsp/cursestable.cpp b/userspace/libsinsp/cursestable.cpp |
| 56 | index 69c2aa32..54667554 100644 |
| 57 | --- a/userspace/libsinsp/cursestable.cpp |
| 58 | +++ b/userspace/libsinsp/cursestable.cpp |
| 59 | @@ -254,7 +254,7 @@ void curses_table::print_line_centered(string line, int32_t off) |
| 60 | mvwprintw(m_tblwin, |
| 61 | m_parent->m_screenh / 2 + off, |
| 62 | m_parent->m_screenw / 2 - line.size() / 2, |
| 63 | - line.c_str()); |
| 64 | + "%s", line.c_str()); |
| 65 | } |
| 66 | else |
| 67 | { |
| 68 | @@ -268,7 +268,7 @@ glogf("2, %d %s\n", spos, ss.c_str()); |
| 69 | mvwprintw(m_tblwin, |
| 70 | m_parent->m_screenh / 2 + off + j, |
| 71 | 0, |
| 72 | - ss.c_str()); |
| 73 | + "%s", ss.c_str()); |
| 74 | |
| 75 | spos += m_parent->m_screenw; |
| 76 | if(spos >= line.size()) |
| 77 | @@ -328,7 +328,7 @@ void curses_table::print_error(string wstr) |
| 78 | mvwprintw(m_tblwin, |
| 79 | m_parent->m_screenh / 2, |
| 80 | m_parent->m_screenw / 2 - wstr.size() / 2, |
| 81 | - wstr.c_str()); |
| 82 | + "%s", wstr.c_str()); |
| 83 | } |
| 84 | |
| 85 | void curses_table::render(bool data_changed) |
| 86 | diff --git a/userspace/libsinsp/cursesui.cpp b/userspace/libsinsp/cursesui.cpp |
| 87 | index 1eeb0864..69652edc 100644 |
| 88 | --- a/userspace/libsinsp/cursesui.cpp |
| 89 | +++ b/userspace/libsinsp/cursesui.cpp |
| 90 | @@ -825,7 +825,7 @@ void sinsp_cursesui::render_header() |
| 91 | attrset(m_colors[sinsp_cursesui::LARGE_NUMBER]); |
| 92 | mvprintw(0, |
| 93 | m_screenw / 2 - wstr.size() / 2, |
| 94 | - wstr.c_str()); |
| 95 | + "%s", wstr.c_str()); |
| 96 | } |
| 97 | |
| 98 | // |
| 99 | @@ -1123,7 +1123,7 @@ void sinsp_cursesui::render_filtersearch_main_menu() |
| 100 | |
| 101 | m_cursor_pos = cursor_pos; |
| 102 | |
| 103 | - mvprintw(m_screenh - 1, m_cursor_pos, str->c_str()); |
| 104 | + mvprintw(m_screenh - 1, m_cursor_pos, "%s", str->c_str()); |
| 105 | |
| 106 | m_cursor_pos += str->size(); |
| 107 | } |
| 108 | @@ -2189,7 +2189,7 @@ void sinsp_cursesui::print_progress(double progress) |
| 109 | string wstr = "Processing File"; |
| 110 | mvprintw(m_screenh / 2, |
| 111 | m_screenw / 2 - wstr.size() / 2, |
| 112 | - wstr.c_str()); |
| 113 | + "%s", wstr.c_str()); |
| 114 | |
| 115 | // |
| 116 | // Using sprintf because to_string doesn't support setting the precision |
| 117 | @@ -2199,7 +2199,7 @@ void sinsp_cursesui::print_progress(double progress) |
| 118 | wstr = "Progress: " + string(numbuf); |
| 119 | mvprintw(m_screenh / 2 + 1, |
| 120 | m_screenw / 2 - wstr.size() / 2, |
| 121 | - wstr.c_str()); |
| 122 | + "%s", wstr.c_str()); |
| 123 | |
| 124 | refresh(); |
| 125 | } |
| 126 | @@ -2308,7 +2308,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch) |
| 127 | attrset(m_colors[sinsp_cursesui::FAILED_SEARCH]); |
| 128 | mvprintw(m_screenh / 2, |
| 129 | m_screenw / 2 - wstr.size() / 2, |
| 130 | - wstr.c_str()); |
| 131 | + "%s", wstr.c_str()); |
| 132 | |
| 133 | // |
| 134 | // Restore the cursor |
| 135 | @@ -2363,7 +2363,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch) |
| 136 | |
| 137 | mvprintw(m_screenh / 2, |
| 138 | m_screenw / 2 - wstr.size() / 2, |
| 139 | - wstr.c_str()); |
| 140 | + "%s", wstr.c_str()); |
| 141 | |
| 142 | render(); |
| 143 | } |
| 144 | @@ -2436,7 +2436,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch) |
| 145 | |
| 146 | mvprintw(m_screenh / 2, |
| 147 | m_screenw / 2 - wstr.size() / 2, |
| 148 | - wstr.c_str()); |
| 149 | + "%s", wstr.c_str()); |
| 150 | |
| 151 | render(); |
| 152 | } |
| 153 | -- |
| 154 | 2.33.1 |
| 155 | |