Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame^] | 1 | From 82f98dcbc429bbe89a9837c533cbcbc02e77c790 Mon Sep 17 00:00:00 2001 |
| 2 | From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik@tycoint.com> |
| 3 | Date: Tue, 28 Jun 2016 12:43:31 +0100 |
| 4 | Subject: [PATCH] idn: fix printf() format security warnings |
| 5 | MIME-Version: 1.0 |
| 6 | Content-Type: text/plain; charset=UTF-8 |
| 7 | Content-Transfer-Encoding: 8bit |
| 8 | |
| 9 | | ../../libidn-1.32/src/idn.c: In function 'main': |
| 10 | | ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security] |
| 11 | | error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); |
| 12 | | ^~~~~ |
| 13 | | ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments [-Werror=format-security] |
| 14 | | fprintf (stderr, _("Type each input string on a line by itself, " |
| 15 | | ^~~~~~~ |
| 16 | | ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments [-Werror=format-security] |
| 17 | | error (EXIT_FAILURE, errno, _("input error")); |
| 18 | | ^~~~~ |
| 19 | | ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments [-Werror=format-security] |
| 20 | | _("could not convert from UTF-8 to UCS-4")); |
| 21 | | ^ |
| 22 | | ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments [-Werror=format-security] |
| 23 | | _("could not convert from UTF-8 to UCS-4")); |
| 24 | | ^ |
| 25 | | ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments [-Werror=format-security] |
| 26 | | _("could not convert from UTF-8 to UCS-4")); |
| 27 | | ^ |
| 28 | | ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments [-Werror=format-security] |
| 29 | | _("could not convert from UCS-4 to UTF-8")); |
| 30 | | ^ |
| 31 | | ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments [-Werror=format-security] |
| 32 | | _("could not convert from UCS-4 to UTF-8")); |
| 33 | | ^ |
| 34 | | ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments [-Werror=format-security] |
| 35 | | _("could not convert from UCS-4 to UTF-8")); |
| 36 | | ^ |
| 37 | | ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments [-Werror=format-security] |
| 38 | | _("could not convert from UTF-8 to UCS-4")); |
| 39 | | ^ |
| 40 | | ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments [-Werror=format-security] |
| 41 | | _("could not convert from UTF-8 to UCS-4")); |
| 42 | | ^ |
| 43 | | ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments [-Werror=format-security] |
| 44 | | error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); |
| 45 | | ^~~~~ |
| 46 | | ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments [-Werror=format-security] |
| 47 | | _("could not convert from UTF-8 to UCS-4")); |
| 48 | | ^ |
| 49 | |
| 50 | Signed-off-by: André Draszik <adraszik@tycoint.com> |
| 51 | --- |
| 52 | Upstream-Status: Pending |
| 53 | |
| 54 | src/idn.c | 27 ++++++++++++++------------- |
| 55 | 1 file changed, 14 insertions(+), 13 deletions(-) |
| 56 | |
| 57 | diff --git a/src/idn.c b/src/idn.c |
| 58 | index be1c7d1..68e4291 100644 |
| 59 | --- a/src/idn.c |
| 60 | +++ b/src/idn.c |
| 61 | @@ -170,7 +170,7 @@ main (int argc, char *argv[]) |
| 62 | (args_info.idna_to_unicode_given ? 1 : 0) + |
| 63 | (args_info.nfkc_given ? 1 : 0) != 1) |
| 64 | { |
| 65 | - error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); |
| 66 | + error (0, 0, "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified")); |
| 67 | usage (EXIT_FAILURE); |
| 68 | } |
| 69 | |
| 70 | @@ -185,7 +185,7 @@ main (int argc, char *argv[]) |
| 71 | if (!args_info.quiet_given |
| 72 | && args_info.inputs_num == 0 |
| 73 | && isatty (fileno (stdin))) |
| 74 | - fprintf (stderr, _("Type each input string on a line by itself, " |
| 75 | + fprintf (stderr, "%s", _("Type each input string on a line by itself, " |
| 76 | "terminated by a newline character.\n")); |
| 77 | |
| 78 | do |
| 79 | @@ -197,7 +197,7 @@ main (int argc, char *argv[]) |
| 80 | if (feof (stdin)) |
| 81 | break; |
| 82 | |
| 83 | - error (EXIT_FAILURE, errno, _("input error")); |
| 84 | + error (EXIT_FAILURE, errno, "%s", _("input error")); |
| 85 | } |
| 86 | |
| 87 | if (strlen (line) > 0) |
| 88 | @@ -215,7 +215,7 @@ main (int argc, char *argv[]) |
| 89 | if (!q) |
| 90 | { |
| 91 | free (p); |
| 92 | - error (EXIT_FAILURE, 0, |
| 93 | + error (EXIT_FAILURE, 0, "%s", |
| 94 | _("could not convert from UTF-8 to UCS-4")); |
| 95 | } |
| 96 | |
| 97 | @@ -240,7 +240,7 @@ main (int argc, char *argv[]) |
| 98 | if (!q) |
| 99 | { |
| 100 | free (r); |
| 101 | - error (EXIT_FAILURE, 0, |
| 102 | + error (EXIT_FAILURE, 0, "%s", |
| 103 | _("could not convert from UTF-8 to UCS-4")); |
| 104 | } |
| 105 | |
| 106 | @@ -277,7 +277,7 @@ main (int argc, char *argv[]) |
| 107 | q = stringprep_utf8_to_ucs4 (p, -1, &len); |
| 108 | free (p); |
| 109 | if (!q) |
| 110 | - error (EXIT_FAILURE, 0, |
| 111 | + error (EXIT_FAILURE, 0, "%s", |
| 112 | _("could not convert from UTF-8 to UCS-4")); |
| 113 | |
| 114 | if (args_info.debug_given) |
| 115 | @@ -336,7 +336,7 @@ main (int argc, char *argv[]) |
| 116 | r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); |
| 117 | free (q); |
| 118 | if (!r) |
| 119 | - error (EXIT_FAILURE, 0, |
| 120 | + error (EXIT_FAILURE, 0, "%s", |
| 121 | _("could not convert from UCS-4 to UTF-8")); |
| 122 | |
| 123 | p = stringprep_utf8_to_locale (r); |
| 124 | @@ -360,7 +360,7 @@ main (int argc, char *argv[]) |
| 125 | q = stringprep_utf8_to_ucs4 (p, -1, NULL); |
| 126 | free (p); |
| 127 | if (!q) |
| 128 | - error (EXIT_FAILURE, 0, |
| 129 | + error (EXIT_FAILURE, 0, "%s", |
| 130 | _("could not convert from UCS-4 to UTF-8")); |
| 131 | |
| 132 | if (args_info.debug_given) |
| 133 | @@ -438,7 +438,7 @@ main (int argc, char *argv[]) |
| 134 | if (!q) |
| 135 | { |
| 136 | free (p); |
| 137 | - error (EXIT_FAILURE, 0, |
| 138 | + error (EXIT_FAILURE, 0, "%s", |
| 139 | _("could not convert from UCS-4 to UTF-8")); |
| 140 | } |
| 141 | |
| 142 | @@ -494,7 +494,7 @@ main (int argc, char *argv[]) |
| 143 | r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); |
| 144 | free (q); |
| 145 | if (!r) |
| 146 | - error (EXIT_FAILURE, 0, |
| 147 | + error (EXIT_FAILURE, 0, "%s", |
| 148 | _("could not convert from UTF-8 to UCS-4")); |
| 149 | |
| 150 | p = stringprep_utf8_to_locale (r); |
| 151 | @@ -523,7 +523,7 @@ main (int argc, char *argv[]) |
| 152 | if (!q) |
| 153 | { |
| 154 | free (p); |
| 155 | - error (EXIT_FAILURE, 0, |
| 156 | + error (EXIT_FAILURE, 0, "%s", |
| 157 | _("could not convert from UTF-8 to UCS-4")); |
| 158 | } |
| 159 | |
| 160 | @@ -537,7 +537,8 @@ main (int argc, char *argv[]) |
| 161 | r = stringprep_utf8_nfkc_normalize (p, -1); |
| 162 | free (p); |
| 163 | if (!r) |
| 164 | - error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); |
| 165 | + error (EXIT_FAILURE, 0, "%s", |
| 166 | + _("could not do NFKC normalization")); |
| 167 | |
| 168 | if (args_info.debug_given) |
| 169 | { |
| 170 | @@ -547,7 +548,7 @@ main (int argc, char *argv[]) |
| 171 | if (!q) |
| 172 | { |
| 173 | free (r); |
| 174 | - error (EXIT_FAILURE, 0, |
| 175 | + error (EXIT_FAILURE, 0, "%s", |
| 176 | _("could not convert from UTF-8 to UCS-4")); |
| 177 | } |
| 178 | |
| 179 | -- |
| 180 | 2.8.1 |
| 181 | |