From 6055fe3ee3b7b932e2a21160251fff0f0c6bcc39 Mon Sep 17 00:00:00 2001 From: Michael Orlitzky Date: Mon, 24 Jul 2017 10:39:43 -0400 Subject: [PATCH 1/1] Supply trivial format strings to fix format-security warnings. This commit adds a trivial format string "%s" to a number of function calls that are otherwise missing them. This avoids GCC's format-security warnings, which cause compilation failures with -Werror=format-security. Gentoo-Bug: 520620 --- bandb/bandb.c | 2 +- modules/core/m_kill.c | 4 ++-- modules/m_away.c | 4 ++-- modules/m_challenge.c | 8 ++++---- modules/m_info.c | 6 +++--- modules/m_map.c | 4 ++-- modules/m_oper.c | 6 +++--- modules/m_stats.c | 22 +++++++++++----------- src/chmode.c | 4 ++-- src/parse.c | 2 +- src/s_auth.c | 2 +- src/sslproc.c | 8 ++++---- 12 files changed, 36 insertions(+), 36 deletions(-) diff --git a/bandb/bandb.c b/bandb/bandb.c index 33166b1..2d272a1 100644 --- a/bandb/bandb.c +++ b/bandb/bandb.c @@ -289,7 +289,7 @@ db_error_cb(const char *errstr) { char buf[256]; rb_snprintf(buf, sizeof(buf), "! :%s", errstr); - rb_helper_write(bandb_helper, buf); + rb_helper_write(bandb_helper, "%s", buf); rb_sleep(2 << 30, 0); exit(1); } diff --git a/modules/core/m_kill.c b/modules/core/m_kill.c index 80df7df..2fa91da 100644 --- a/modules/core/m_kill.c +++ b/modules/core/m_kill.c @@ -97,7 +97,7 @@ mo_kill(struct Client *client_p, struct Client *source_p, int parc, const char * if((target_p = get_history(user, (long) KILLCHASETIMELIMIT)) == NULL) { if (strchr(user, '.')) - sendto_one_numeric(source_p, ERR_CANTKILLSERVER, form_str(ERR_CANTKILLSERVER)); + sendto_one_numeric(source_p, ERR_CANTKILLSERVER, "%s", form_str(ERR_CANTKILLSERVER)); else sendto_one_numeric(source_p, ERR_NOSUCHNICK, form_str(ERR_NOSUCHNICK), user); @@ -216,7 +216,7 @@ ms_kill(struct Client *client_p, struct Client *source_p, int parc, const char * if(IsServer(target_p) || IsMe(target_p)) { - sendto_one_numeric(source_p, ERR_CANTKILLSERVER, form_str(ERR_CANTKILLSERVER)); + sendto_one_numeric(source_p, ERR_CANTKILLSERVER, "%s", form_str(ERR_CANTKILLSERVER)); return 0; } diff --git a/modules/m_away.c b/modules/m_away.c index 557371e..13c4c39 100644 --- a/modules/m_away.c +++ b/modules/m_away.c @@ -85,7 +85,7 @@ m_away(struct Client *client_p, struct Client *source_p, int parc, const char *p free_away(source_p); } if(MyConnect(source_p)) - sendto_one_numeric(source_p, RPL_UNAWAY, form_str(RPL_UNAWAY)); + sendto_one_numeric(source_p, RPL_UNAWAY, "%s", form_str(RPL_UNAWAY)); return 0; } @@ -99,7 +99,7 @@ m_away(struct Client *client_p, struct Client *source_p, int parc, const char *p } if(MyConnect(source_p)) - sendto_one_numeric(source_p, RPL_NOWAWAY, form_str(RPL_NOWAWAY)); + sendto_one_numeric(source_p, RPL_NOWAWAY, "%s", form_str(RPL_NOWAWAY)); return 0; } diff --git a/modules/m_challenge.c b/modules/m_challenge.c index 2066095..b8514c4 100644 --- a/modules/m_challenge.c +++ b/modules/m_challenge.c @@ -172,7 +172,7 @@ m_challenge(struct Client *client_p, struct Client *source_p, int parc, const ch if(oper_p == NULL) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s)", source_p->localClient->opername, source_p->name, source_p->username, source_p->host, @@ -203,7 +203,7 @@ m_challenge(struct Client *client_p, struct Client *source_p, int parc, const ch if(oper_p == NULL) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s)", parv[1], source_p->name, source_p->username, source_p->host, source_p->sockhost); @@ -223,7 +223,7 @@ m_challenge(struct Client *client_p, struct Client *source_p, int parc, const ch if(IsOperConfNeedSSL(oper_p) && !IsSSLClient(source_p)) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED CHALLENGE (%s) by (%s!%s@%s) (%s) -- requires SSL/TLS", parv[1], source_p->name, source_p->username, source_p->host, source_p->sockhost); @@ -241,7 +241,7 @@ m_challenge(struct Client *client_p, struct Client *source_p, int parc, const ch { if (source_p->certfp == NULL || strcasecmp(source_p->certfp, oper_p->certfp)) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s) -- client certificate fingerprint mismatch", parv[1], source_p->name, source_p->username, source_p->host, source_p->sockhost); diff --git a/modules/m_info.c b/modules/m_info.c index dd14294..bab156f 100644 --- a/modules/m_info.c +++ b/modules/m_info.c @@ -722,7 +722,7 @@ m_info(struct Client *client_p, struct Client *source_p, int parc, const char *p /* safe enough to give this on a local connect only */ sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "INFO"); - sendto_one_numeric(source_p, RPL_ENDOFINFO, form_str(RPL_ENDOFINFO)); + sendto_one_numeric(source_p, RPL_ENDOFINFO, "%s", form_str(RPL_ENDOFINFO)); return 0; } else @@ -736,7 +736,7 @@ m_info(struct Client *client_p, struct Client *source_p, int parc, const char *p send_info_text(source_p); send_birthdate_online_time(source_p); - sendto_one_numeric(source_p, RPL_ENDOFINFO, form_str(RPL_ENDOFINFO)); + sendto_one_numeric(source_p, RPL_ENDOFINFO, "%s", form_str(RPL_ENDOFINFO)); return 0; } @@ -761,7 +761,7 @@ mo_info(struct Client *client_p, struct Client *source_p, int parc, const char * send_birthdate_online_time(source_p); - sendto_one_numeric(source_p, RPL_ENDOFINFO, form_str(RPL_ENDOFINFO)); + sendto_one_numeric(source_p, RPL_ENDOFINFO, "%s", form_str(RPL_ENDOFINFO)); } return 0; diff --git a/modules/m_map.c b/modules/m_map.c index 7a45140..baadc86 100644 --- a/modules/m_map.c +++ b/modules/m_map.c @@ -59,7 +59,7 @@ m_map(struct Client *client_p, struct Client *source_p, int parc, const char *pa } dump_map(client_p, &me, buf); - sendto_one_numeric(client_p, RPL_MAPEND, form_str(RPL_MAPEND)); + sendto_one_numeric(client_p, RPL_MAPEND, "%s", form_str(RPL_MAPEND)); return 0; } @@ -71,7 +71,7 @@ mo_map(struct Client *client_p, struct Client *source_p, int parc, const char *p { dump_map(client_p, &me, buf); scache_send_missing(client_p); - sendto_one_numeric(client_p, RPL_MAPEND, form_str(RPL_MAPEND)); + sendto_one_numeric(client_p, RPL_MAPEND, "%s", form_str(RPL_MAPEND)); return 0; } diff --git a/modules/m_oper.c b/modules/m_oper.c index b403b28..af1e008 100644 --- a/modules/m_oper.c +++ b/modules/m_oper.c @@ -83,7 +83,7 @@ m_oper(struct Client *client_p, struct Client *source_p, int parc, const char *p if(oper_p == NULL) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s)", name, source_p->name, source_p->username, source_p->host, source_p->sockhost); @@ -100,7 +100,7 @@ m_oper(struct Client *client_p, struct Client *source_p, int parc, const char *p if(IsOperConfNeedSSL(oper_p) && !IsSSLClient(source_p)) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s) -- requires SSL/TLS", name, source_p->name, source_p->username, source_p->host, source_p->sockhost); @@ -118,7 +118,7 @@ m_oper(struct Client *client_p, struct Client *source_p, int parc, const char *p { if (source_p->certfp == NULL || strcasecmp(source_p->certfp, oper_p->certfp)) { - sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST)); + sendto_one_numeric(source_p, ERR_NOOPERHOST, "%s", form_str(ERR_NOOPERHOST)); ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s) -- client certificate fingerprint mismatch", name, source_p->name, source_p->username, source_p->host, source_p->sockhost); diff --git a/modules/m_stats.c b/modules/m_stats.c index dc826bc..51555b4 100644 --- a/modules/m_stats.c +++ b/modules/m_stats.c @@ -223,7 +223,7 @@ m_stats(struct Client *client_p, struct Client *source_p, int parc, const char * if(stats_cmd_table[i].need_oper && !IsOper(source_p)) { sendto_one_numeric(source_p, ERR_NOPRIVILEGES, - form_str (ERR_NOPRIVILEGES)); + "%s", form_str (ERR_NOPRIVILEGES)); break; } if(stats_cmd_table[i].need_admin && !IsOperAdmin(source_p)) @@ -285,7 +285,7 @@ stats_connect(struct Client *source_p) (ConfigServerHide.flatten_links && !IsExemptShide(source_p))) && !IsOper(source_p)) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str(ERR_NOPRIVILEGES)); return; } @@ -487,7 +487,7 @@ stats_hubleaf(struct Client *source_p) (ConfigServerHide.flatten_links && !IsExemptShide(source_p))) && !IsOper(source_p)) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); return; } @@ -513,7 +513,7 @@ stats_auth (struct Client *source_p) { /* Oper only, if unopered, return ERR_NOPRIVS */ if((ConfigFileEntry.stats_i_oper_only == 2) && !IsOper (source_p)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); /* If unopered, Only return matching auth blocks */ @@ -556,7 +556,7 @@ stats_tklines(struct Client *source_p) { /* Oper only, if unopered, return ERR_NOPRIVS */ if((ConfigFileEntry.stats_k_oper_only == 2) && !IsOper (source_p)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); /* If unopered, Only return matching klines */ @@ -621,7 +621,7 @@ stats_klines(struct Client *source_p) { /* Oper only, if unopered, return ERR_NOPRIVS */ if((ConfigFileEntry.stats_k_oper_only == 2) && !IsOper (source_p)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); /* If unopered, Only return matching klines */ @@ -689,7 +689,7 @@ stats_oper(struct Client *source_p) if(!IsOper(source_p) && ConfigFileEntry.stats_o_oper_only) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); return; } @@ -752,7 +752,7 @@ static void stats_ports (struct Client *source_p) { if(!IsOper (source_p) && ConfigFileEntry.stats_P_oper_only) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); else show_ports (source_p); @@ -1063,7 +1063,7 @@ stats_servers (struct Client *source_p) if(ConfigServerHide.flatten_links && !IsOper(source_p) && !IsExemptShide(source_p)) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); return; } @@ -1137,7 +1137,7 @@ static void stats_class(struct Client *source_p) { if(ConfigFileEntry.stats_y_oper_only && !IsOper(source_p)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); else report_classes(source_p); @@ -1411,7 +1411,7 @@ stats_servlinks (struct Client *source_p) if(ConfigServerHide.flatten_links && !IsOper (source_p) && !IsExemptShide(source_p)) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str (ERR_NOPRIVILEGES)); return; } diff --git a/src/chmode.c b/src/chmode.c index 0a43199..cd649d3 100644 --- a/src/chmode.c +++ b/src/chmode.c @@ -644,7 +644,7 @@ chm_hidden(struct Client *source_p, struct Channel *chptr, if(!IsOper(source_p) && !IsServer(source_p)) { if(!(*errors & SM_ERR_NOPRIVS)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, form_str(ERR_NOPRIVILEGES)); + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str(ERR_NOPRIVILEGES)); *errors |= SM_ERR_NOPRIVS; return; } @@ -734,7 +734,7 @@ chm_staff(struct Client *source_p, struct Channel *chptr, if(!IsOper(source_p) && !IsServer(source_p)) { if(!(*errors & SM_ERR_NOPRIVS)) - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, form_str(ERR_NOPRIVILEGES)); + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str(ERR_NOPRIVILEGES)); *errors |= SM_ERR_NOPRIVS; return; } diff --git a/src/parse.c b/src/parse.c index a8ce091..9e17de4 100644 --- a/src/parse.c +++ b/src/parse.c @@ -719,7 +719,7 @@ static void do_alias(struct alias_entry *aptr, struct Client *source_p, char *te int m_not_oper(struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) { - sendto_one_numeric(source_p, ERR_NOPRIVILEGES, form_str(ERR_NOPRIVILEGES)); + sendto_one_numeric(source_p, ERR_NOPRIVILEGES, "%s", form_str(ERR_NOPRIVILEGES)); return 0; } diff --git a/src/s_auth.c b/src/s_auth.c index 2644ff1..52e4633 100644 --- a/src/s_auth.c +++ b/src/s_auth.c @@ -116,7 +116,7 @@ typedef enum } ReportType; -#define sendheader(c, r) sendto_one_notice(c, HeaderMessages[(r)]) +#define sendheader(c, r) sendto_one_notice(c, "%s", HeaderMessages[(r)]) static rb_dlink_list auth_poll_list; static rb_bh *auth_heap; diff --git a/src/sslproc.c b/src/sslproc.c index 11fadbb..51078fb 100644 --- a/src/sslproc.c +++ b/src/sslproc.c @@ -455,13 +455,13 @@ ssl_process_cmd_recv(ssl_ctl_t * ctl) break; case 'I': ssl_ok = 0; - ilog(L_MAIN, cannot_setup_ssl); - sendto_realops_snomask(SNO_GENERAL, L_ALL, cannot_setup_ssl); + ilog(L_MAIN, "%s", cannot_setup_ssl); + sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", cannot_setup_ssl); case 'U': zlib_ok = 0; ssl_ok = 0; - ilog(L_MAIN, no_ssl_or_zlib); - sendto_realops_snomask(SNO_GENERAL, L_ALL, no_ssl_or_zlib); + ilog(L_MAIN, "%s", no_ssl_or_zlib); + sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", no_ssl_or_zlib); ssl_killall(); break; case 'z': -- 2.13.0