From 9edfc75079a4cdb2b79ee0626b18a2757ab7987e Mon Sep 17 00:00:00 2001 From: keescook Date: Tue, 20 Mar 2007 17:16:36 +0000 Subject: [PATCH] format string protection/clean up (CVE-2007-1463, CVE-2007-1464) --- configure.ac | 4 +- src/debug/logger.cpp | 2 +- src/dom/cssparser.h | 3 +- src/dom/jsdombind.h | 5 ++- src/dom/jsengine.h | 5 ++- src/dom/lsimpl.h | 4 +- src/dom/minidom.h | 4 +- src/dom/svg/svgparser.h | 3 +- src/dom/uri.h | 5 ++- src/dom/util/ziptool.h | 9 +++-- src/dom/xmlreader.cpp | 2 +- src/dom/xmlreader.h | 3 +- src/dom/xmlwriter.h | 3 +- src/dom/xpathparser.h | 5 ++- src/extension/internal/pov-out.cpp | 5 ++- src/extension/internal/pov-out.h | 3 +- src/extension/internal/svg.cpp | 2 +- src/file.cpp | 4 +- src/interface.cpp | 2 +- src/io/inkscapestream.h | 4 +- src/jabber_whiteboard/inkboard-document.cpp | 2 +- src/jabber_whiteboard/pedrogui.cpp | 14 ++++--- src/jabber_whiteboard/pedrogui.h | 8 +--- src/libcroco/cr-statement.c | 10 ++--- src/message-context.h | 6 +-- src/message-stack.h | 6 +-- src/pedro/pedrodom.cpp | 2 +- src/pedro/pedrodom.h | 4 +- src/pedro/pedrogui.cpp | 14 ++++--- src/pedro/pedrogui.h | 8 +--- src/pedro/pedroxmpp.cpp | 44 +++++++++++---------- src/pedro/pedroxmpp.h | 15 ++----- src/trace/siox.cpp | 2 +- src/trace/siox.h | 6 +-- src/util/format.h | 4 +- src/widgets/desktop-widget.cpp | 2 +- src/xml/repr-css.cpp | 7 ++-- 37 files changed, 120 insertions(+), 111 deletions(-) diff --git a/configure.ac b/configure.ac index 121b251f3..346c1d35b 100644 --- a/configure.ac +++ b/configure.ac @@ -42,7 +42,7 @@ if test "$GCC" = "yes"; then CFLAGS="-Wno-pointer-sign $CFLAGS" AC_COMPILE_IFELSE([int dummy; ], , CFLAGS="$ink_svd_CFLAGS",) - CFLAGS="-Wall -W $CFLAGS" + CFLAGS="-Wall -Wformat-security -W -D_FORTIFY_SOURCE=2 $CFLAGS" fi dnl Honor aclocal flags @@ -690,7 +690,7 @@ if test "$GXX" = "yes"; then # programmer deliberately has an unused parameter (e.g. because it's used # as a callback or similar function pointer use). - CXXFLAGS="-Wall -W -Wpointer-arith -Wcast-align -Wsign-compare -Woverloaded-virtual -Wswitch $CXXFLAGS" + CXXFLAGS="-Wall -Wformat-security -W -Wpointer-arith -Wcast-align -Wsign-compare -Woverloaded-virtual -Wswitch -D_FORTIFY_SOURCE=2 $CXXFLAGS" dnl Test for arch-specific situations. case "$host_cpu" in diff --git a/src/debug/logger.cpp b/src/debug/logger.cpp index fc83e89df..f425edd47 100644 --- a/src/debug/logger.cpp +++ b/src/debug/logger.cpp @@ -116,7 +116,7 @@ static void set_category_mask(bool * const mask, char const *filter) { } } if (!iter->name) { - g_warning("Unknown debugging category %*s", end - start, start); + g_warning("Unknown debugging category %*s", (int)(end - start), start); } } if (*end) { diff --git a/src/dom/cssparser.h b/src/dom/cssparser.h index 0b399f7d5..816936dc3 100644 --- a/src/dom/cssparser.h +++ b/src/dom/cssparser.h @@ -29,6 +29,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "dom.h" @@ -81,7 +82,7 @@ protected: /** * */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Get the character at the given location in the buffer. diff --git a/src/dom/jsdombind.h b/src/dom/jsdombind.h index f995a1f53..33a71816a 100644 --- a/src/dom/jsdombind.h +++ b/src/dom/jsdombind.h @@ -29,6 +29,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "jsengine.h" @@ -126,12 +127,12 @@ private: /** * Ouput a printf-formatted error message */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Ouput a printf-formatted error message */ - void trace(char *fmt, ...); + void trace(char *fmt, ...) G_GNUC_PRINTF(2,3); JSRuntime *rt; diff --git a/src/dom/jsengine.h b/src/dom/jsengine.h index abcbb23e9..f47a7a4c7 100644 --- a/src/dom/jsengine.h +++ b/src/dom/jsengine.h @@ -29,6 +29,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "dom.h" #include "js/jsapi.h" @@ -133,12 +134,12 @@ private: /** * Ouput a printf-formatted error message */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Ouput a printf-formatted error message */ - void trace(char *fmt, ...); + void trace(char *fmt, ...) G_GNUC_PRINTF(2,3); JSRuntime *rt; diff --git a/src/dom/lsimpl.h b/src/dom/lsimpl.h index 0f0088684..d73998e13 100644 --- a/src/dom/lsimpl.h +++ b/src/dom/lsimpl.h @@ -29,6 +29,8 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include + #include "domimpl.h" #include "events.h" #include "traversal.h" @@ -236,7 +238,7 @@ private: void spaces(); - void po(char *fmt, ...); + void po(char *fmt, ...) G_GNUC_PRINTF(2,3); void pos(const DOMString &str); diff --git a/src/dom/minidom.h b/src/dom/minidom.h index b1ad82f07..41af805fb 100644 --- a/src/dom/minidom.h +++ b/src/dom/minidom.h @@ -1,3 +1,5 @@ +#include + #include #include @@ -237,7 +239,7 @@ private: void getLineAndColumn(int pos, int *lineNr, int *colNr); - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); int peek(int pos); diff --git a/src/dom/svg/svgparser.h b/src/dom/svg/svgparser.h index 9305a553a..307b44e01 100644 --- a/src/dom/svg/svgparser.h +++ b/src/dom/svg/svgparser.h @@ -30,6 +30,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "svgimpl.h" @@ -122,7 +123,7 @@ protected: /** * */ - void error(char *format, ...); + void error(char *format, ...) G_GNUC_PRINTF(2,3); diff --git a/src/dom/uri.h b/src/dom/uri.h index 8bc7df6da..8b95686b8 100644 --- a/src/dom/uri.h +++ b/src/dom/uri.h @@ -30,6 +30,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "dom.h" @@ -197,9 +198,9 @@ private: DOMString fragment; - void error(const char *fmt, ...); + void error(const char *fmt, ...) G_GNUC_PRINTF(2,3); - void trace(const char *fmt, ...); + void trace(const char *fmt, ...) G_GNUC_PRINTF(2,3); int peek(int p); diff --git a/src/dom/util/ziptool.h b/src/dom/util/ziptool.h index 895f0ccb2..120fe568a 100644 --- a/src/dom/util/ziptool.h +++ b/src/dom/util/ziptool.h @@ -32,6 +32,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include #include @@ -203,8 +204,8 @@ private: std::string fileName; //debug messages - void error(char *fmt, ...); - void trace(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); + void trace(char *fmt, ...) G_GNUC_PRINTF(2,3); unsigned long crc; @@ -469,8 +470,8 @@ public: private: //debug messages - void error(char *fmt, ...); - void trace(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); + void trace(char *fmt, ...) G_GNUC_PRINTF(2,3); //# Private writing methods diff --git a/src/dom/xmlreader.cpp b/src/dom/xmlreader.cpp index 5e8184e4d..6e6db723d 100644 --- a/src/dom/xmlreader.cpp +++ b/src/dom/xmlreader.cpp @@ -788,7 +788,7 @@ int XmlReader::parseNode(int p0, NodePtr node, int depth) closeTagQualifiedName); if (openTagQualifiedName != closeTagQualifiedName) { - error("Mismatched closing tag. Expected . Got '%S'.", + error("Mismatched closing tag. Expected . Got '%s'.", openTagQualifiedName.c_str(), closeTagQualifiedName.c_str()); return p0; } diff --git a/src/dom/xmlreader.h b/src/dom/xmlreader.h index 1060555c7..f616fd1e1 100644 --- a/src/dom/xmlreader.h +++ b/src/dom/xmlreader.h @@ -30,6 +30,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include #include "dom.h" @@ -80,7 +81,7 @@ public: protected: - void error(char *format, ...); + void error(char *format, ...) G_GNUC_PRINTF(2,3); int get(int ch); int peek(int ch); diff --git a/src/dom/xmlwriter.h b/src/dom/xmlwriter.h index bd8501019..925dacd51 100644 --- a/src/dom/xmlwriter.h +++ b/src/dom/xmlwriter.h @@ -33,6 +33,7 @@ #include "dom.h" #include +#include namespace org @@ -64,7 +65,7 @@ protected: void spaces(); - void po(char *str, ...); + void po(char *str, ...) G_GNUC_PRINTF(2,3); void pos(const DOMString &str); diff --git a/src/dom/xpathparser.h b/src/dom/xpathparser.h index ce5656228..7a5b7cb55 100644 --- a/src/dom/xpathparser.h +++ b/src/dom/xpathparser.h @@ -33,6 +33,7 @@ #include #include +#include #include #include @@ -415,7 +416,7 @@ private: /** * */ - void trace(const char *fmt, ...); + void trace(const char *fmt, ...) G_GNUC_PRINTF(2,3); /** * @@ -425,7 +426,7 @@ private: /** * */ - void error(const char *fmt, ...); + void error(const char *fmt, ...) G_GNUC_PRINTF(2,3); //################################# //# LEXICAL SCANNING diff --git a/src/extension/internal/pov-out.cpp b/src/extension/internal/pov-out.cpp index 54d49a79a..7318fa784 100644 --- a/src/extension/internal/pov-out.cpp +++ b/src/extension/internal/pov-out.cpp @@ -124,9 +124,10 @@ void PovOutput::out(char *fmt, ...) { va_list args; va_start(args, fmt); - g_vsnprintf(fmtbuf, 4096, fmt, args); + gchar * output = g_strdup_vprintf(fmt, args); va_end(args); - outbuf.append(fmtbuf); + outbuf.append(output); + g_free(output); } diff --git a/src/extension/internal/pov-out.h b/src/extension/internal/pov-out.h index 951921313..28f630f77 100644 --- a/src/extension/internal/pov-out.h +++ b/src/extension/internal/pov-out.h @@ -72,7 +72,7 @@ private: /** * Format text to our output buffer */ - void out(char *fmt, ...); + void out(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Output a 2d vector @@ -155,7 +155,6 @@ private: //For formatted output String outbuf; - char fmtbuf[2048]; //For statistics int nrNodes; diff --git a/src/extension/internal/svg.cpp b/src/extension/internal/svg.cpp index 9a097bd6e..5d7b38c33 100644 --- a/src/extension/internal/svg.cpp +++ b/src/extension/internal/svg.cpp @@ -120,7 +120,7 @@ _load_uri (const gchar *uri) GnomeVFSResult result = gnome_vfs_open (&handle, uri_local, GNOME_VFS_OPEN_READ); if (result != GNOME_VFS_OK) { - g_warning(gnome_vfs_result_to_string(result)); + g_warning("%s", gnome_vfs_result_to_string(result)); } std::vector doc; diff --git a/src/file.cpp b/src/file.cpp index ba68b171d..c5347a66e 100644 --- a/src/file.cpp +++ b/src/file.cpp @@ -283,7 +283,7 @@ void dump_str(gchar const *str, gchar const *prefix) } tmp += "]"; - g_message(tmp.c_str()); + g_message("%s", tmp.c_str()); } void dump_ustr(Glib::ustring const &ustr) @@ -344,7 +344,7 @@ void dump_ustr(Glib::ustring const &ustr) tmp += " "; } - g_message( tmp.c_str() ); + g_message( "%s", tmp.c_str() ); } } catch (...) { g_message("XXXXXXXXXXXXXXXXXX Exception" ); diff --git a/src/interface.cpp b/src/interface.cpp index dad1146c0..c7608f53a 100644 --- a/src/interface.cpp +++ b/src/interface.cpp @@ -1247,7 +1247,7 @@ sp_ui_error_dialog(gchar const *message) gchar *safeMsg = Inkscape::IO::sanitizeString(message); dlg = gtk_message_dialog_new(NULL, GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, - GTK_BUTTONS_CLOSE, safeMsg); + GTK_BUTTONS_CLOSE, "%s", safeMsg); sp_transientize(dlg); gtk_window_set_resizable(GTK_WINDOW(dlg), FALSE); gtk_dialog_run(GTK_DIALOG(dlg)); diff --git a/src/io/inkscapestream.h b/src/io/inkscapestream.h index ad213dad9..9c624af8f 100644 --- a/src/io/inkscapestream.h +++ b/src/io/inkscapestream.h @@ -475,7 +475,7 @@ public: virtual void put(gunichar ch) = 0; /* Formatted output */ - virtual Writer& printf(char *fmt, ...) = 0; + virtual Writer& printf(char *fmt, ...) G_GNUC_PRINTF(2,3) = 0; virtual Writer& writeChar(char val) = 0; @@ -531,7 +531,7 @@ public: /* Formatted output */ - virtual Writer &printf(char *fmt, ...); + virtual Writer &printf(char *fmt, ...) G_GNUC_PRINTF(2,3); virtual Writer& writeChar(char val); diff --git a/src/jabber_whiteboard/inkboard-document.cpp b/src/jabber_whiteboard/inkboard-document.cpp index 0bb0783f0..9f3d8ce42 100644 --- a/src/jabber_whiteboard/inkboard-document.cpp +++ b/src/jabber_whiteboard/inkboard-document.cpp @@ -156,7 +156,7 @@ InkboardDocument::send(const Glib::ustring &destJid, Message::Wrapper &wrapper, Vars::WHITEBOARD_MESSAGE, this->sessionType, this->sm->getClient().getJid(), destJid, Vars::INKBOARD_XMLNS, this->getSessionId(), mes).c_str()); - if (!this->sm->getClient().write(finalmessage)) + if (!this->sm->getClient().write("%s",finalmessage)) { return false; } else { return true; } diff --git a/src/jabber_whiteboard/pedrogui.cpp b/src/jabber_whiteboard/pedrogui.cpp index f66e0981c..81866d8ce 100644 --- a/src/jabber_whiteboard/pedrogui.cpp +++ b/src/jabber_whiteboard/pedrogui.cpp @@ -2048,24 +2048,26 @@ void PedroGui::error(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - Gtk::MessageDialog dlg(writeBuf, + Gtk::MessageDialog dlg(buffer, false, Gtk::MESSAGE_ERROR, Gtk::BUTTONS_OK, true); dlg.run(); + g_free(buffer); } void PedroGui::status(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - messageList.postMessage("STATUS", writeBuf); + messageList.postMessage("STATUS", buffer); + g_free(buffer); } //################################ @@ -2286,13 +2288,13 @@ void PedroGui::doEvent(const XmppEvent &event) case XmppEvent::EVENT_STATUS: { //printf("##### STATUS: %s\n", event.getData().c_str()); - status(event.getData().c_str()); + status("%s", event.getData().c_str()); break; } case XmppEvent::EVENT_ERROR: { //printf("##### ERROR: %s\n", event.getData().c_str()); - error(event.getData().c_str()); + error("%s", event.getData().c_str()); padlockDisable(); break; } diff --git a/src/jabber_whiteboard/pedrogui.h b/src/jabber_whiteboard/pedrogui.h index b223d7263..d9a66a5e5 100644 --- a/src/jabber_whiteboard/pedrogui.h +++ b/src/jabber_whiteboard/pedrogui.h @@ -795,9 +795,9 @@ public: XmppConfig config; - virtual void error(const char *fmt, ...); + virtual void error(const char *fmt, ...) G_GNUC_PRINTF(2,3); - virtual void status(const char *fmt, ...); + virtual void status(const char *fmt, ...) G_GNUC_PRINTF(2,3); @@ -900,10 +900,6 @@ private: std::vectorchats; std::vectorgroupChats; - - static const int writeBufLen = 2048; - - char writeBuf[writeBufLen]; }; diff --git a/src/libcroco/cr-statement.c b/src/libcroco/cr-statement.c index 501741c37..40df49878 100644 --- a/src/libcroco/cr-statement.c +++ b/src/libcroco/cr-statement.c @@ -2432,7 +2432,7 @@ cr_statement_dump_ruleset (CRStatement * a_this, FILE * a_fp, glong a_indent) g_return_if_fail (a_fp && a_this); gchar *str = cr_statement_ruleset_to_string (a_this, a_indent); if (str) { - fprintf (a_fp, str); + fprintf (a_fp, "%s", str); g_free (str); str = NULL; } @@ -2475,7 +2475,7 @@ cr_statement_dump_charset (CRStatement * a_this, FILE * a_fp, gulong a_indent) gchar *str = cr_statement_charset_to_string (a_this, a_indent) ; if (str) { - fprintf (a_fp, str) ; + fprintf (a_fp, "%s", str) ; g_free (str) ; str = NULL ; } @@ -2497,7 +2497,7 @@ cr_statement_dump_page (CRStatement * a_this, FILE * a_fp, gulong a_indent) gchar *str = cr_statement_at_page_rule_to_string (a_this, a_indent) ; if (str) { - fprintf (a_fp, str); + fprintf (a_fp, "%s", str); g_free (str) ; str = NULL ; } @@ -2520,7 +2520,7 @@ cr_statement_dump_media_rule (CRStatement * a_this, str = cr_statement_media_rule_to_string (a_this, a_indent) ; if (str) { - fprintf (a_fp, str) ; + fprintf (a_fp, "%s", str) ; g_free (str) ; str = NULL ; } @@ -2543,7 +2543,7 @@ cr_statement_dump_import_rule (CRStatement * a_this, FILE * a_fp, str = cr_statement_import_rule_to_string (a_this, a_indent) ; if (str) { - fprintf (a_fp, str) ; + fprintf (a_fp, "%s", str) ; g_free (str) ; str = NULL ; } diff --git a/src/message-context.h b/src/message-context.h index e5ed18e8b..145a73ee5 100644 --- a/src/message-context.h +++ b/src/message-context.h @@ -15,7 +15,7 @@ #define SEEN_INKSCAPE_MESSAGE_CONTEXT_H #include -#include +#include #include "message.h" namespace Inkscape { @@ -56,7 +56,7 @@ public: * @param type the message type * @param format a printf-style formatting string */ - void setF(MessageType type, gchar const *format, ...); + void setF(MessageType type, gchar const *format, ...) G_GNUC_PRINTF(3,4); /** @brief pushes a message on the stack using printf-style formatting, * and a stdarg argument list @@ -82,7 +82,7 @@ public: * @param type the message type * @param format a printf-style formatting string */ - void flashF(MessageType type, gchar const *format, ...); + void flashF(MessageType type, gchar const *format, ...) G_GNUC_PRINTF(3,4); /** @brief pushes a message onto the stack for a brief period of time * using printf-style formatting and a stdarg argument list; diff --git a/src/message-stack.h b/src/message-stack.h index 058c44933..24ec2d599 100644 --- a/src/message-stack.h +++ b/src/message-stack.h @@ -15,7 +15,7 @@ #define SEEN_INKSCAPE_MESSAGE_STACK_H #include -#include +#include #include #include "gc-managed.h" #include "gc-finalized.h" @@ -85,7 +85,7 @@ public: * * @return the id of the pushed message */ - MessageId pushF(MessageType type, gchar const *format, ...); + MessageId pushF(MessageType type, gchar const *format, ...) G_GNUC_PRINTF(3,4); /** @brief pushes a message onto the stack using printf-like formatting, * using a stdarg argument list @@ -124,7 +124,7 @@ public: * * @return the id of the pushed message */ - MessageId flashF(MessageType type, gchar const *format, ...); + MessageId flashF(MessageType type, gchar const *format, ...) G_GNUC_PRINTF(3,4); /** @brief temporarily pushes a message onto the stack using * printf-like formatting, using a stdarg argument list diff --git a/src/pedro/pedrodom.cpp b/src/pedro/pedrodom.cpp index a15d74251..4cb176a52 100644 --- a/src/pedro/pedrodom.cpp +++ b/src/pedro/pedrodom.cpp @@ -652,7 +652,7 @@ int Parser::parseElement(int p0, Element *par,int depth) p = getWord(p, closeTagName); if (openTagName != closeTagName) { - error("Mismatched closing tag. Expected . Got '%S'.", + error("Mismatched closing tag. Expected . Got '%s'.", openTagName.c_str(), closeTagName.c_str()); return p0; } diff --git a/src/pedro/pedrodom.h b/src/pedro/pedrodom.h index 0d418ac20..b8078dce1 100644 --- a/src/pedro/pedrodom.h +++ b/src/pedro/pedrodom.h @@ -23,6 +23,8 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include + #include #include @@ -312,7 +314,7 @@ private: void getLineAndColumn(long pos, long *lineNr, long *colNr); - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); int peek(long pos); diff --git a/src/pedro/pedrogui.cpp b/src/pedro/pedrogui.cpp index 6bdbe3422..38c66b407 100644 --- a/src/pedro/pedrogui.cpp +++ b/src/pedro/pedrogui.cpp @@ -1992,24 +1992,26 @@ void PedroGui::error(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - Gtk::MessageDialog dlg(writeBuf, + Gtk::MessageDialog dlg(buffer, false, Gtk::MESSAGE_ERROR, Gtk::BUTTONS_OK, true); dlg.run(); + g_free(buffer); } void PedroGui::status(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - messageList.postMessage("STATUS", writeBuf); + messageList.postMessage("STATUS", buffer); + g_free(buffer); } //################################ @@ -2227,13 +2229,13 @@ void PedroGui::doEvent(const XmppEvent &event) case XmppEvent::EVENT_STATUS: { //printf("##### STATUS: %s\n", event.getData().c_str()); - status(event.getData().c_str()); + status("%s", event.getData().c_str()); break; } case XmppEvent::EVENT_ERROR: { //printf("##### ERROR: %s\n", event.getData().c_str()); - error(event.getData().c_str()); + error("%s", event.getData().c_str()); padlockDisable(); break; } diff --git a/src/pedro/pedrogui.h b/src/pedro/pedrogui.h index dfafc0edf..4af4f1aac 100644 --- a/src/pedro/pedrogui.h +++ b/src/pedro/pedrogui.h @@ -790,9 +790,9 @@ public: XmppConfig config; - virtual void error(const char *fmt, ...); + virtual void error(const char *fmt, ...) G_GNUC_PRINTF(2,3); - virtual void status(const char *fmt, ...); + virtual void status(const char *fmt, ...) G_GNUC_PRINTF(2,3); @@ -893,10 +893,6 @@ private: std::vectorchats; std::vectorgroupChats; - - static const int writeBufLen = 2048; - - char writeBuf[writeBufLen]; }; diff --git a/src/pedro/pedroxmpp.cpp b/src/pedro/pedroxmpp.cpp index efe51d277..1dc1d7ced 100644 --- a/src/pedro/pedroxmpp.cpp +++ b/src/pedro/pedroxmpp.cpp @@ -295,12 +295,13 @@ void XmppEventTarget::error(char *fmt, ...) { va_list args; va_start(args,fmt); - vsnprintf(targetWriteBuf, targetWriteBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - fprintf(stderr, "Error:%s\n", targetWriteBuf); + fprintf(stderr, "Error:%s\n", buffer); XmppEvent evt(XmppEvent::EVENT_ERROR); - evt.setData(targetWriteBuf); + evt.setData(buffer); dispatchXmppEvent(evt); + g_free(buffer); } @@ -312,12 +313,13 @@ void XmppEventTarget::status(char *fmt, ...) { va_list args; va_start(args,fmt); - vsnprintf(targetWriteBuf, targetWriteBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - //printf("Status:%s\n", targetWriteBuf); + //printf("Status:%s\n", buffer); XmppEvent evt(XmppEvent::EVENT_STATUS); - evt.setData(targetWriteBuf); + evt.setData(buffer); dispatchXmppEvent(evt); + g_free(buffer); } @@ -1158,7 +1160,7 @@ bool XmppClient::processIq(Element *root) "IQ set does not contain a 'from' address because " "the entity is not registered with the server"); } - error((char *)errMsg.c_str()); + error("%s",(char *)errMsg.c_str()); } else if (id.find("regcancel") != id.npos) @@ -1197,7 +1199,7 @@ bool XmppClient::processIq(Element *root) "IQ set does not contain a 'from' address because " "the entity is not registered with the server"); } - error((char *)errMsg.c_str()); + error("%s",(char *)errMsg.c_str()); } return true; @@ -1287,17 +1289,19 @@ bool XmppClient::receiveAndProcessLoop() bool XmppClient::write(char *fmt, ...) { + bool rc = true; va_list args; va_start(args,fmt); - vsnprintf((char *)writeBuf, writeBufLen, fmt,args); + gchar * buffer = g_strdup_vprintf(fmt,args); va_end(args) ; - status("SEND: %s", writeBuf); - if (!sock->write((char *)writeBuf)) + status("SEND: %s", buffer); + if (!sock->write(buffer)) { error("Cannot write to socket"); - return false; + rc = false; } - return true; + g_free(buffer); + return rc; } @@ -1388,7 +1392,7 @@ bool XmppClient::inBandRegistrationNew() { errMsg.append("some registration information was not provided"); } - error((char *)errMsg.c_str()); + error("%s",(char *)errMsg.c_str()); delete elem; return false; } @@ -1612,7 +1616,7 @@ bool XmppClient::saslMd5Authenticate() char *fmt = "\n"; - if (!write(fmt)) + if (!write("%s",fmt)) return false; DOMString recbuf = readStanza(); @@ -1760,7 +1764,7 @@ bool XmppClient::saslMd5Authenticate() fmt = "\n"; - if (!write(fmt)) + if (!write("%s",fmt)) return false; recbuf = readStanza(); @@ -1843,7 +1847,7 @@ bool XmppClient::saslAuthenticate() delete elem; char *fmt = "\n"; - if (!write(fmt)) + if (!write("%s",fmt)) return false; recbuf = readStanza(); status("RECV: '%s'\n", recbuf.c_str()); @@ -2087,7 +2091,7 @@ bool XmppClient::createSession() DOMString givenJid, givenResource; parseJid(givenFullJid, givenJid, givenResource); status("given user: %s realm: %s, rsrc: %s", - givenJid.c_str(), givenResource.c_str()); + givenJid.c_str(), realm.c_str(), givenResource.c_str()); setResource(givenResource); } @@ -2143,7 +2147,7 @@ bool XmppClient::createSession() fmt = "\n"; - if (!write(fmt)) + if (!write("%s",fmt)) return false; /* @@ -2217,7 +2221,7 @@ bool XmppClient::disconnect() { char *fmt = "\n"; - write(fmt); + write("%s",fmt); } keepGoing = false; connected = false; diff --git a/src/pedro/pedroxmpp.h b/src/pedro/pedroxmpp.h index 1ad849b99..554cb76c6 100644 --- a/src/pedro/pedroxmpp.h +++ b/src/pedro/pedroxmpp.h @@ -24,6 +24,7 @@ */ #include +#include #include #include @@ -566,13 +567,13 @@ public: /** * Send an error message to all subscribers */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Send a status message to all subscribers */ - void status(char *fmt, ...); + void status(char *fmt, ...) G_GNUC_PRINTF(2,3); //########################### //# LISTENERS @@ -629,10 +630,6 @@ private: std::vector eventQueue; bool eventQueueEnabled; - - static const int targetWriteBufLen = 2048; - - char targetWriteBuf[targetWriteBufLen]; }; @@ -725,7 +722,7 @@ public: /** * */ - virtual bool write(char *fmt, ...); + virtual bool write(char *fmt, ...) G_GNUC_PRINTF(2,3); //####################### //# V A R I A B L E S @@ -1146,10 +1143,6 @@ private: bool doRegister; - static const int writeBufLen = 2048; - - unsigned char writeBuf[writeBufLen]; - std::vectorgroupChats; //#### Roster diff --git a/src/trace/siox.cpp b/src/trace/siox.cpp index f06f943e0..c69af04a1 100644 --- a/src/trace/siox.cpp +++ b/src/trace/siox.cpp @@ -884,7 +884,7 @@ SioxImage Siox::extractForeground(const SioxImage &originalImage, return workImage; } - trace("knownBg:%d knownFg:%d", knownBg.size(), knownFg.size()); + trace("knownBg:%zu knownFg:%zu", knownBg.size(), knownFg.size()); std::vector bgSignature ; diff --git a/src/trace/siox.h b/src/trace/siox.h index 8f6f90ff9..5d6059d3c 100644 --- a/src/trace/siox.h +++ b/src/trace/siox.h @@ -374,7 +374,7 @@ private: /** * Error logging */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); }; @@ -562,12 +562,12 @@ private: /** * Error logging */ - void error(char *fmt, ...); + void error(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Trace logging */ - void trace(char *fmt, ...); + void trace(char *fmt, ...) G_GNUC_PRINTF(2,3); /** * Stage 1 of the color signature work. 'dims' will be either diff --git a/src/util/format.h b/src/util/format.h index 3066173e1..80d79c28a 100644 --- a/src/util/format.h +++ b/src/util/format.h @@ -13,7 +13,7 @@ #define SEEN_INKSCAPE_UTIL_FORMAT_H #include -#include +#include #include "util/share.h" namespace Inkscape { @@ -27,6 +27,8 @@ inline ptr_shared vformat(char const *format, va_list args) { return result; } + // needed since G_GNUC_PRINTF can only be used on a declaration + ptr_shared format(char const *format, ...) G_GNUC_PRINTF(1,2); inline ptr_shared format(char const *format, ...) { va_list args; diff --git a/src/widgets/desktop-widget.cpp b/src/widgets/desktop-widget.cpp index 237e4c8e9..65afc4f29 100644 --- a/src/widgets/desktop-widget.cpp +++ b/src/widgets/desktop-widget.cpp @@ -823,7 +823,7 @@ SPDesktopWidget::warnDialog (gchar* text) GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_WARNING, GTK_BUTTONS_YES_NO, - text); + "%s", text); gint response = gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); if (response == GTK_RESPONSE_YES) diff --git a/src/xml/repr-css.cpp b/src/xml/repr-css.cpp index 994d73a24..8540ff9f0 100644 --- a/src/xml/repr-css.cpp +++ b/src/xml/repr-css.cpp @@ -186,10 +186,9 @@ sp_repr_css_print(SPCSSAttr *css) for ( List iter = css->attributeList() ; iter ; ++iter ) { - g_print(g_quark_to_string(iter->key)); - g_print(":\t"); - g_print(iter->value); - g_print("\n"); + gchar const * key = g_quark_to_string(iter->key); + gchar const * val = iter->value; + g_print("%s:\t%s\n",key,val); } } -- 2.30.2