"Richard W.M. Jones" <rjones@xxxxxxxxxx> wrote:
> On Wed, Mar 26, 2008 at 08:55:53PM +0100, Jim Meyering wrote:
>> qemudReportError(NULL, NULL, NULL, VIR_ERR_NO_MEMORY,
>> - "vncTLSx509certdir");
>> + "%s", _("failed to allocate vncTLSx509certdir"));
>
> versus:
>
>> qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
>> - "Cannot find QEMU binary %s: %s", binary,
>> + _("Cannot find QEMU binary %s: %s"), binary,
>> strerror(errno));
>
> I assume that the problem with the first one is that gettext might
> erroneously return a string containing % sequences, resulting in a
> runtime failure or even exploit. But that could also be a problem
> with the second one too, surely? (ie. gettext might return three or
> more % sequences).

Right. But there's nothing we can do about the latter, and there *is*
something we can do about the former: precede with "%s".
Of course, gettext tools like msgmerge are careful to ensure that
%-directives in translations match those in the original, so it's not
a problem, in general.

> OCaml gettext offers two forms of the gettext function, one for plain
> strings and one for format strings[1]. The format string version
> checks that any % sequences in the translated string are compatible
> with those in the original string. (If not then the original string
> is returned to avoid any exploit). Sounds as if we need a similar
> feature in C gettext.

Nice.

> A cursory check of the info file didn't show
> anything like this.
>
> Rich.
>
> [1] and of course the powerful type system ensures that you always use
> the correct form, ho hum ... ;-)

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
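Review bot: in the second quoted hunk the translated string `_("Cannot find QEMU binary %s: %s")` becomes the format argument itself, so its safety rests entirely on the catalog: a translation with more, fewer or differently typed directives than the msgid would make the `binary`/`strerror(errno)` arguments mismatch at runtime. Since the "%s" prefix of the first hunk cannot apply here, the practical safeguard is to keep the msgid marked c-format and build the catalogs with `msgfmt -c` (which includes `--check-format`), so a translation whose directives do not agree with the original is rejected before it ships.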
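The OCaml-style compatibility check that Rich describes, written as an added C example (not libvirt code and not from either poster): it collects the conversion characters of each %-directive in the msgid and in the translation and only lets the translation be used as a format string when the two sequences agree, falling back to the msgid otherwise. The parser is a deliberate simplification (no positional `%1$s` arguments), and `checked_translation` is a hypothetical wrapper, not a GNU gettext API.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Collect the conversion character of every %-directive in s into out,
 * e.g. "%-08.3lf" contributes 'f'; a literal "%%" contributes nothing.
 * Returns the number collected, or -1 when a directive is unterminated,
 * uses an unknown character, or there are more than max of them. */
static int fmt_conversions(const char *s, char *out, size_t max)
{
    int n = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')
            continue;                       /* escaped percent sign */
        /* skip flags, field width, precision and length modifiers */
        while (*p && strchr("-+ #0123456789.*hlLqjzt", *p))
            p++;
        if (!*p || !isalpha((unsigned char)*p))
            return -1;                      /* malformed directive */
        if ((size_t)n >= max)
            return -1;
        out[n++] = *p;
    }
    return n;
}

/* 1 when trans consumes exactly the same argument sequence as orig and
 * may therefore stand in for it as a printf-style format, else 0. */
int fmt_directives_match(const char *orig, const char *trans)
{
    char a[32], b[32];
    int na = fmt_conversions(orig, a, sizeof a);
    int nb = fmt_conversions(trans, b, sizeof b);
    return na >= 0 && na == nb && memcmp(a, b, (size_t)na) == 0;
}

/* Hypothetical wrapper mirroring OCaml gettext's format-string variant:
 * return the translation if its directives line up, otherwise the
 * untranslated msgid, so the caller's argument list always matches. */
const char *checked_translation(const char *orig, const char *trans)
{
    return fmt_directives_match(orig, trans) ? trans : orig;
}
```

A stricter checker would also treat `%d`/`%i` as interchangeable and understand positional arguments; the directive-sequence comparison above is the core of what `msgfmt -c` verifies at catalog build time.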