From 82f98dcbc429bbe89a9837c533cbcbc02e77c790 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Draszik?= Date: Tue, 28 Jun 2016 12:43:31 +0100 Subject: [PATCH] idn: fix printf() format security warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit | ../../libidn-1.32/src/idn.c: In function 'main': | ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security] | error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); | ^~~~~ | ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments [-Werror=format-security] | fprintf (stderr, _("Type each input string on a line by itself, " | ^~~~~~~ | ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments [-Werror=format-security] | error (EXIT_FAILURE, errno, _("input error")); | ^~~~~ | ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ | ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ | ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ | ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UCS-4 to UTF-8")); | ^ | ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UCS-4 to UTF-8")); | ^ | ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UCS-4 to UTF-8")); | ^ | ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ | ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ | ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments [-Werror=format-security] | error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); | ^~~~~ | ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments [-Werror=format-security] | _("could not convert from UTF-8 to UCS-4")); | ^ Signed-off-by: André Draszik --- Upstream-Status: Pending src/idn.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/src/idn.c b/src/idn.c index be1c7d1..68e4291 100644 --- a/src/idn.c +++ b/src/idn.c @@ -170,7 +170,7 @@ main (int argc, char *argv[]) (args_info.idna_to_unicode_given ? 1 : 0) + (args_info.nfkc_given ? 1 : 0) != 1) { - error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); + error (0, 0, "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified")); usage (EXIT_FAILURE); } @@ -185,7 +185,7 @@ main (int argc, char *argv[]) if (!args_info.quiet_given && args_info.inputs_num == 0 && isatty (fileno (stdin))) - fprintf (stderr, _("Type each input string on a line by itself, " + fprintf (stderr, "%s", _("Type each input string on a line by itself, " "terminated by a newline character.\n")); do @@ -197,7 +197,7 @@ main (int argc, char *argv[]) if (feof (stdin)) break; - error (EXIT_FAILURE, errno, _("input error")); + error (EXIT_FAILURE, errno, "%s", _("input error")); } if (strlen (line) > 0) @@ -215,7 +215,7 @@ main (int argc, char *argv[]) if (!q) { free (p); - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); } @@ -240,7 +240,7 @@ main (int argc, char *argv[]) if (!q) { free (r); - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); } @@ -277,7 +277,7 @@ main (int argc, char *argv[]) q = stringprep_utf8_to_ucs4 (p, -1, &len); free (p); if (!q) - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); if (args_info.debug_given) @@ -336,7 +336,7 @@ main (int argc, char *argv[]) r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); free (q); if (!r) - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UCS-4 to UTF-8")); p = stringprep_utf8_to_locale (r); @@ -360,7 +360,7 @@ main (int argc, char *argv[]) q = stringprep_utf8_to_ucs4 (p, -1, NULL); free (p); if (!q) - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UCS-4 to UTF-8")); if (args_info.debug_given) @@ -438,7 +438,7 @@ main (int argc, char *argv[]) if (!q) { free (p); - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UCS-4 to UTF-8")); } @@ -494,7 +494,7 @@ main (int argc, char *argv[]) r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); free (q); if (!r) - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); p = stringprep_utf8_to_locale (r); @@ -523,7 +523,7 @@ main (int argc, char *argv[]) if (!q) { free (p); - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); } @@ -537,7 +537,8 @@ main (int argc, char *argv[]) r = stringprep_utf8_nfkc_normalize (p, -1); free (p); if (!r) - error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); + error (EXIT_FAILURE, 0, "%s", + _("could not do NFKC normalization")); if (args_info.debug_given) { @@ -547,7 +548,7 @@ main (int argc, char *argv[]) if (!q) { free (r); - error (EXIT_FAILURE, 0, + error (EXIT_FAILURE, 0, "%s", _("could not convert from UTF-8 to UCS-4")); } -- 2.8.1