]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d14b49c)
BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
authorTim Duesterhus <tim@bastelstu.be>
Sat, 23 Nov 2019 22:52:30 +0000 (23:52 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Mon, 25 Nov 2019 07:55:34 +0000 (08:55 +0100)
gcc complains rightfully:

src/ssl_sock.c: In function ‘ssl_sock_prepare_all_ctx’:
src/ssl_sock.c:5507:3: warning: format not a string literal and no format arguments [-Wformat-security]
   ha_warning(errmsg);
   ^
src/ssl_sock.c:5509:3: warning: format not a string literal and no format arguments [-Wformat-security]
   ha_alert(errmsg);
   ^
src/ssl_sock.c: In function ‘cli_io_handler_commit_cert’:
src/ssl_sock.c:10208:3: warning: format not a string literal and no format arguments [-Wformat-security]
   chunk_appendf(trash, err);

Introduced in 8b453912ce9a4e1a3b1329efb2af04d1e470852e.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 91725a955d620b13d0010d5f563448089045aa68..cd04c344a5a6ffff692cf3362a6b93ef76cc2623 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5504,9 +5504,9 @@ int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
        }
 
        if (errcode & ERR_WARN) {
-               ha_warning(errmsg);
+               ha_warning("%s", errmsg);
        } else if (errcode & ERR_CODE) {
-               ha_alert(errmsg);
+               ha_alert("%s", errmsg);
                err++;
        }
 
@@ -10205,7 +10205,7 @@ end:
 
        chunk_appendf(trash, "\n");
        if (errcode & ERR_WARN)
-               chunk_appendf(trash, err);
+               chunk_appendf(trash, "%s", err);
        chunk_appendf(trash, "Success!\n");
        if (ci_putchk(si_ic(si), trash) == -1)
                si_rx_room_blk(si);
Mirror of https://github.com/haproxy/haproxy.git