80 lines
2.8 KiB
Diff
80 lines
2.8 KiB
Diff
|
From 202b2e7b27a159d54a525b0cfd366b8d52d5a3a1 Mon Sep 17 00:00:00 2001
|
|||
|
|
Message-Id: <202b2e7b27a159d54a525b0cfd366b8d52d5a3a1.1386069831.git.npajkovs@redhat.com>
|
|||
|
|
From: Nikola Pajkovsky <npajkovs@redhat.com>
|
|||
|
|
Date: Tue, 3 Dec 2013 12:12:16 +0100
|
|||
|
|
Subject: [PATCH] Makefile: add -Werror=format-security
|
|||
|
|
MIME-Version: 1.0
|
|||
|
|
Content-Type: text/plain; charset=UTF-8
|
|||
|
|
Content-Transfer-Encoding: 8bit
|
|||
|
|
|
|||
|
|
-Wformat-security
|
|||
|
|
If -Wformat is specified, also warn about uses of format
|
|||
|
|
functions that represent possible security problems. At
|
|||
|
|
present, this warns about calls to printf and scanf functions
|
|||
|
|
where the format string is not a string literal and there are
|
|||
|
|
no format arguments, as in printf (foo);. This may be a
|
|||
|
|
security hole if the format string came from untrusted input
|
|||
|
|
and contains ‘%n’. (This is currently a subset of what
|
|||
|
|
-Wformat-nonliteral warns about, but in future warnings may be
|
|||
|
|
added to -Wformat-security that are not included in
|
|||
|
|
-Wformat-nonliteral.)
|
|||
|
|
|
|||
|
|
Signed-off-by: Nikola Pajkovsky <npajkovs@redhat.com>
|
|||
|
|
---
|
|||
|
|
Makefile | 2 +-
|
|||
|
|
src/ipfilter.c | 2 +-
|
|||
|
|
src/othptab.c | 4 ++--
|
|||
|
|
3 files changed, 4 insertions(+), 4 deletions(-)
|
|||
|
|
|
|||
|
|
diff --git a/Makefile b/Makefile
|
|||
|
|
index 46e5632e3287..958b0fbeec0f 100644
|
|||
|
|
--- a/Makefile
|
|||
|
|
+++ b/Makefile
|
|||
|
|
@@ -18,7 +18,7 @@ VERSION-FILE: FORCE
|
|||
|
|
@$(SHELL_PATH) ./GEN-VERSION-FILE
|
|||
|
|
-include VERSION-FILE
|
|||
|
|
|
|||
|
|
-CFLAGS = -g -O2 -Wall -W -std=gnu99
|
|||
|
|
+CFLAGS = -g -O2 -Wall -W -std=gnu99 -Werror=format-security
|
|||
|
|
LDFLAGS =
|
|||
|
|
ALL_CFLAGS = $(CPPFLAGS) $(CFLAGS)
|
|||
|
|
ALL_LDFLAGS = $(LDFLAGS)
|
|||
|
|
diff --git a/src/ipfilter.c b/src/ipfilter.c
|
|||
|
|
index eb17ec7c7615..8c76e4c801c2 100644
|
|||
|
|
--- a/src/ipfilter.c
|
|||
|
|
+++ b/src/ipfilter.c
|
|||
|
|
@@ -146,7 +146,7 @@ void gethostparams(struct hostparams *data, char *init_saddr, char *init_smask,
|
|||
|
|
snprintf(msgstr, 60,
|
|||
|
|
"Invalid protocol input at or near token \"%s\"",
|
|||
|
|
bptr);
|
|||
|
|
- tui_error(ANYKEY_MSG, msgstr);
|
|||
|
|
+ tui_error(ANYKEY_MSG, "%s", msgstr);
|
|||
|
|
doagain = 1;
|
|||
|
|
} else
|
|||
|
|
doagain = 0;
|
|||
|
|
diff --git a/src/othptab.c b/src/othptab.c
|
|||
|
|
index 5c09241fca99..e23f39e5df45 100644
|
|||
|
|
--- a/src/othptab.c
|
|||
|
|
+++ b/src/othptab.c
|
|||
|
|
@@ -407,7 +407,7 @@ void printothpentry(struct othptable *table, struct othptabent *entry,
|
|||
|
|
break;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
- sprintf(scratchpad, rarp_mac_addr);
|
|||
|
|
+ sprintf(scratchpad, "%s", rarp_mac_addr);
|
|||
|
|
strcat(msgstring, scratchpad);
|
|||
|
|
wattrset(table->othpwin, ARPATTR);
|
|||
|
|
break;
|
|||
|
|
@@ -482,7 +482,7 @@ void printothpentry(struct othptable *table, struct othptabent *entry,
|
|||
|
|
wattrset(table->othpwin, UNKNIPATTR);
|
|||
|
|
protptr = getprotobynumber(entry->protocol);
|
|||
|
|
if (protptr != NULL) {
|
|||
|
|
- sprintf(protname, protptr->p_aliases[0]);
|
|||
|
|
+ sprintf(protname, "%s", protptr->p_aliases[0]);
|
|||
|
|
} else {
|
|||
|
|
sprintf(protname, "IP protocol");
|
|||
|
|
unknown = 1;
|
|||
|
|
--
|
|||
|
|
1.8.3.2
|
|||
|
|
|