From 1bc9cac45be4bac46f58e325779bdb8c7b7bf502 Mon Sep 17 00:00:00 2001 From: Michael Orlitzky Date: Tue, 23 Aug 2016 20:20:15 -0400 Subject: [PATCH 1/1] Fix format-security warnings. Newer versions of GCC have the ability to warn you (or throw errors) about insecure format strings. Generally this is due to an omitted format string in the printf family of functions, and a few of those issues existed in the code base. They were all fixed by adding a trivial "%s" format string. The project now builds with -Werror=format-security. --- curses/cursesterm.c | 4 ++-- lib5250/sslstream.c | 2 +- lib5250/telnetstr.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/curses/cursesterm.c b/curses/cursesterm.c index bf20f05..3032966 100644 --- a/curses/cursesterm.c +++ b/curses/cursesterm.c @@ -640,9 +640,9 @@ static void curses_terminal_update(Tn5250Terminal * This, Tn5250Display *display if(This->data->is_xterm) { if (This->data->font_132!=NULL) { if (tn5250_display_width (display)>100) - printf(This->data->font_132); + printf("%s", This->data->font_132); else - printf(This->data->font_80); + printf("%s", This->data->font_80); } printf ("\x1b[8;%d;%dt", tn5250_display_height (display)+1, tn5250_display_width (display)); diff --git a/lib5250/sslstream.c b/lib5250/sslstream.c index 2f91d1a..7f3009e 100644 --- a/lib5250/sslstream.c +++ b/lib5250/sslstream.c @@ -307,7 +307,7 @@ static void ssl_log_SB_buf(unsigned char *buf, int len) if (!tn5250_logfile) return; - fprintf(tn5250_logfile,ssl_getTelOpt(type=*buf++)); + fprintf(tn5250_logfile,"%s",ssl_getTelOpt(type=*buf++)); switch (c=*buf++) { case IS: fputs("",tn5250_logfile); diff --git a/lib5250/telnetstr.c b/lib5250/telnetstr.c index 9ad2624..cf1576f 100644 --- a/lib5250/telnetstr.c +++ b/lib5250/telnetstr.c @@ -282,7 +282,7 @@ static void log_SB_buf(unsigned char *buf, int len) if (!tn5250_logfile) return; - fprintf(tn5250_logfile,getTelOpt(type=*buf++)); + fprintf(tn5250_logfile,"%s",getTelOpt(type=*buf++)); switch (c=*buf++) { case IS: fputs("",tn5250_logfile); -- 2.7.3