From: Tim Duesterhus <tim@bastelstu.be>
Date: Wed, 19 Feb 2020 10:41:13 +0000 (+0100)
Subject: BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
X-Git-Tag: v2.2-dev3~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e8aa5f24d6837f0b410f2779ae82aa4b4beb9f7e;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: Stop passing dynamic strings as format arguments

gcc complains rightfully:

src/ssl_sock.c: In function ‘ssl_load_global_issuers_from_path’:
src/ssl_sock.c:9860:4: warning: format not a string literal and no format arguments [-Wformat-security]
    ha_warning(warn);
    ^

Introduced in 70df7bf19cebd5593c0abb01923e6c9f72961da6.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e30bb8a6c8..ade5ffc84d 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -9857,7 +9857,7 @@ static int ssl_load_global_issuers_from_path(char **args, int section_type, stru
 			goto next;
 		ssl_load_global_issuer_from_BIO(in, fp, &warn);
 		if (warn) {
-			ha_warning(warn);
+			ha_warning("%s", warn);
 			free(warn);
 			warn = NULL;
 		}