Discussion:
[Linux-diag-devel] [patch 1/1] 000_hardened_build
f***@linux.vnet.ibm.com
2014-03-25 13:07:28 UTC
Permalink
000_hardened_build

Signed-off-by: Frédéric Bonnard <***@linux.vnet.ibm.com>
--- a/src/servicelog.c
+++ b/src/servicelog.c
@@ -279,7 +279,7 @@
if (newline != NULL) {
prnt_len = newline - &tmpbuf[offset] + 1;
snprintf(buf + buf_offset, prnt_len,
- &tmpbuf[offset]);
+ "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -297,7 +297,7 @@
}

/* print up to the last brkpt */
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -305,10 +305,10 @@
}
}

- prnt_len = sprintf(buf + buf_offset, &tmpbuf[offset]);
+ prnt_len = sprintf(buf + buf_offset, "%s", &tmpbuf[offset]);
line_offset += prnt_len;

- return fprintf(stream, buf);
+ return fprintf(stream, "%s", buf);
}

/**
@@ -583,7 +583,7 @@

rc = sqlite3_open(log->location, &(log->db));
if (rc) {
- snprintf(log->error, SL_MAX_ERR, sqlite3_errmsg(log->db));
+ snprintf(log->error, SL_MAX_ERR, "%s", sqlite3_errmsg(log->db));
servicelog_close(log);
return ENOENT;
}
--- a/src/v29_print.c
+++ b/src/v29_print.c
@@ -152,7 +152,7 @@

if (newline != NULL) {
prnt_len = newline - &tmpbuf[offset] + 1;
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -171,7 +171,7 @@
}

/* print up to the last brkpt */
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -180,10 +180,10 @@

}

- prnt_len = sprintf(buf + buf_offset, &tmpbuf[offset]);
+ prnt_len = sprintf(buf + buf_offset, "%s", &tmpbuf[offset]);
line_offset += prnt_len;

- len = fprintf(stream, buf);
+ len = fprintf(stream, "%s", buf);

return len;
}
Aruna Balakrishnaiah
2014-03-26 10:04:41 UTC
Permalink
This patch is already in the git tree.

Commit id of the same:
commit 72e921f7c1aa1c9ce9ed104b2d0fa38cbf3eceec
Author: Frederic Bonnard <***@linux.vnet.ibm.com>
Date: Tue Mar 11 12:05:41 2014 +0100
Post by f***@linux.vnet.ibm.com
000_hardened_build
--- a/src/servicelog.c
+++ b/src/servicelog.c
@@ -279,7 +279,7 @@
if (newline != NULL) {
prnt_len = newline - &tmpbuf[offset] + 1;
snprintf(buf + buf_offset, prnt_len,
- &tmpbuf[offset]);
+ "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -297,7 +297,7 @@
}
/* print up to the last brkpt */
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -305,10 +305,10 @@
}
}
- prnt_len = sprintf(buf + buf_offset, &tmpbuf[offset]);
+ prnt_len = sprintf(buf + buf_offset, "%s", &tmpbuf[offset]);
line_offset += prnt_len;
- return fprintf(stream, buf);
+ return fprintf(stream, "%s", buf);
}
/**
@@ -583,7 +583,7 @@
rc = sqlite3_open(log->location, &(log->db));
if (rc) {
- snprintf(log->error, SL_MAX_ERR, sqlite3_errmsg(log->db));
+ snprintf(log->error, SL_MAX_ERR, "%s", sqlite3_errmsg(log->db));
servicelog_close(log);
return ENOENT;
}
--- a/src/v29_print.c
+++ b/src/v29_print.c
@@ -152,7 +152,7 @@
if (newline != NULL) {
prnt_len = newline - &tmpbuf[offset] + 1;
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -171,7 +171,7 @@
}
/* print up to the last brkpt */
- snprintf(buf + buf_offset, prnt_len, &tmpbuf[offset]);
+ snprintf(buf + buf_offset, prnt_len, "%s", &tmpbuf[offset]);
buf_offset = strlen(buf);
buf_offset += sprintf(buf + buf_offset, "\n");
offset += prnt_len;
@@ -180,10 +180,10 @@
}
- prnt_len = sprintf(buf + buf_offset, &tmpbuf[offset]);
+ prnt_len = sprintf(buf + buf_offset, "%s", &tmpbuf[offset]);
line_offset += prnt_len;
- len = fprintf(stream, buf);
+ len = fprintf(stream, "%s", buf);
return len;
}
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
Linux-diag-devel mailing list
https://lists.sourceforge.net/lists/listinfo/linux-diag-devel
Loading...