From 32ede3cc817ee4f6806877a34a6c84ed50c31df7 Mon Sep 17 00:00:00 2001 From: Miroslav Grepl Date: Fri, 11 Apr 2014 18:49:33 +0200 Subject: [PATCH 11/11] Fix -Wformat-security issues --- libseaudit/src/bool_message.c | 4 ++-- libseaudit/src/filter.c | 2 +- libseaudit/src/model.c | 2 +- seaudit/progress.c | 4 ++-- seaudit/toplevel.c | 2 +- seaudit/utilgui.c | 2 +- sediff/progress.c | 4 ++-- sediff/toplevel.c | 2 +- sediff/utilgui.c | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/libseaudit/src/bool_message.c b/libseaudit/src/bool_message.c index f105cf0..d5b1e33 100644 --- a/libseaudit/src/bool_message.c +++ b/libseaudit/src/bool_message.c @@ -101,7 +101,7 @@ char *bool_message_to_string(const seaudit_message_t * msg, const char *date) return NULL; } if ((misc_string = bool_message_to_misc_string(boolm)) == NULL || - apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) { + apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_append(&s, &len, close_brace) < 0) { free(misc_string); return NULL; } @@ -128,7 +128,7 @@ char *bool_message_to_string_html(const seaudit_message_t * msg, const char *dat return NULL; } if ((misc_string = bool_message_to_misc_string(boolm)) == NULL || - apol_str_appendf(&s, &len, misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s
", s, close_brace) < 0) { + apol_str_appendf(&s, &len, "%s", misc_string) < 0 || apol_str_appendf(&s, &len, "%s%s
", s, close_brace) < 0) { free(misc_string); return NULL; } diff --git a/libseaudit/src/filter.c b/libseaudit/src/filter.c index 298a309..c710ce4 100644 --- a/libseaudit/src/filter.c +++ b/libseaudit/src/filter.c @@ -1108,7 +1108,7 @@ int seaudit_filter_save_to_file(const seaudit_filter_t * filter, const char *fil if ((file = fopen(filename, "w")) == NULL) { return -1; } - fprintf(file, XML_VER); + fprintf(file, "%s", XML_VER); fprintf(file, "\n", FILTER_FILE_FORMAT_VERSION); filter_append_to_file(filter, file, 1); fprintf(file, "\n"); diff --git a/libseaudit/src/model.c b/libseaudit/src/model.c index 1bc4a23..4a130cb 100644 --- a/libseaudit/src/model.c +++ b/libseaudit/src/model.c @@ -514,7 +514,7 @@ int seaudit_model_save_to_file(const seaudit_model_t * model, const char *filena if ((file = fopen(filename, "w")) == NULL) { return -1; } - fprintf(file, XML_VER); + fprintf(file, "%s", XML_VER); fprintf(file, "\n", FILTER_FILE_FORMAT_VERSION, model->name, model->match == SEAUDIT_FILTER_MATCH_ALL ? "all" : "any", diff --git a/seaudit/progress.c b/seaudit/progress.c index 2e0abeb..f092858 100644 --- a/seaudit/progress.c +++ b/seaudit/progress.c @@ -114,10 +114,10 @@ int progress_wait(progress_t * progress) } g_mutex_unlock(progress->mutex); if (progress->done < 0) { - toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label); + toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label); return progress->done; } else if (progress->done > 1) { - toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label); + toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label); return progress->done - 1; } else { progress->done = 0; diff --git a/seaudit/toplevel.c b/seaudit/toplevel.c index d901a99..27938d5 100644 --- a/seaudit/toplevel.c +++ b/seaudit/toplevel.c @@ -902,7 +902,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch ERR(NULL, "%s", strerror(errno)); return; } - dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg); + dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg); free(msg); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); diff --git a/seaudit/utilgui.c b/seaudit/utilgui.c index 22028e1..78a1a08 100644 --- a/seaudit/utilgui.c +++ b/seaudit/utilgui.c @@ -30,7 +30,7 @@ void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg) { GtkWidget *dialog; - dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg); + dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); } diff --git a/sediff/progress.c b/sediff/progress.c index efaa120..312789e 100644 --- a/sediff/progress.c +++ b/sediff/progress.c @@ -115,10 +115,10 @@ int progress_wait(progress_t * progress) } g_mutex_unlock(progress->mutex); if (progress->done < 0) { - toplevel_ERR(progress->top, GTK_LABEL(progress->label2)->label); + toplevel_ERR(progress->top, "%s", GTK_LABEL(progress->label2)->label); return progress->done; } else if (progress->done > 1) { - toplevel_WARN(progress->top, GTK_LABEL(progress->label2)->label); + toplevel_WARN(progress->top, "%s", GTK_LABEL(progress->label2)->label); return progress->done - 1; } else { progress->done = 0; diff --git a/sediff/toplevel.c b/sediff/toplevel.c index db6d1f5..aabd039 100644 --- a/sediff/toplevel.c +++ b/sediff/toplevel.c @@ -453,7 +453,7 @@ static void toplevel_message(toplevel_t * top, GtkMessageType msg_type, const ch ERR(NULL, "%s", strerror(errno)); return; } - dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg); + dialog = gtk_message_dialog_new(top->w, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg); free(msg); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); diff --git a/sediff/utilgui.c b/sediff/utilgui.c index 04e1e05..9e183ba 100644 --- a/sediff/utilgui.c +++ b/sediff/utilgui.c @@ -31,7 +31,7 @@ void util_message(GtkWindow * parent, GtkMessageType msg_type, const char *msg) { GtkWidget *dialog; - dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, msg); + dialog = gtk_message_dialog_new(parent, GTK_DIALOG_DESTROY_WITH_PARENT, msg_type, GTK_BUTTONS_CLOSE, "%s", msg); gtk_dialog_run(GTK_DIALOG(dialog)); gtk_widget_destroy(dialog); } -- 1.8.5.3