I've done a build of vdr 1.3.44 with -Wformat=2. This was noisier than it might be due to some tr() calls; however, in <libintl.h>, I've spotted something of use: __attribute_format_arg__ (index) With this added to the prototype for I18nTranslate, a lot of "non-constant format string" warnings are eliminated. I've also found several possible problems, mostly missing format strings. I don't /think/ that any of the missing-format-string ones are exploitable (at least one definitely isn't), but it's better to have them fixed anyway... Patch attached. This kills all of the format string warnings which I could find. -- | Darren Salt | linux or ds at | nr. Ashington, | Toon | RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army | <URL:http://www.youmustbejoking.demon.co.uk/> (PGP 2.6, GPG keys) Don't put too fine a point to your wit for fear it should get blunted. -------------- next part -------------- diff -urNad vdr-1.3.44~/PLUGINS/src/sky/sky.c vdr-1.3.44/PLUGINS/src/sky/sky.c --- vdr-1.3.44~/PLUGINS/src/sky/sky.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/PLUGINS/src/sky/sky.c 2006-03-03 22:44:49.753371301 +0000 @@ -108,9 +108,8 @@ void cDigiboxDevice::LircSend(const char *s) { - const char *c = "SEND_ONCE SKY %s\n"; char buf[100]; - sprintf(buf, c, s); + snprintf(buf, sizeof(buf), "SEND_ONCE SKY %s\n", s); dsyslog(buf);//XXX if (write(fd_lirc, buf, strlen(buf)) < 0) LOG_ERROR;//XXX _STR diff -urNad vdr-1.3.44~/i18n.h vdr-1.3.44/i18n.h --- vdr-1.3.44~/i18n.h 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/i18n.h 2006-03-03 22:44:49.757371043 +0000 @@ -18,7 +18,8 @@ void I18nRegister(const tI18nPhrase * const Phrases, const char *Plugin); -const char *I18nTranslate(const char *s, const char *Plugin = NULL); +const char *I18nTranslate(const char *s, const char *Plugin = NULL) + __attribute_format_arg__(1); const char * const * I18nLanguages(void); const char * const * I18nCharSets(void); diff -urNad vdr-1.3.44~/menuitems.c vdr-1.3.44/menuitems.c --- vdr-1.3.44~/menuitems.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/menuitems.c 2006-03-03 22:44:49.757371043 +0000 @@ -286,12 +286,13 @@ void cMenuEditStrItem::Set(void) { char buf[1000]; - const char *fmt = insert && newchar ? "[]%c%s" : "[%c]%s"; if (InEditMode()) { const cFont *font = cFont::GetFont(fontOsd); strncpy(buf, value, pos); - snprintf(buf + pos, sizeof(buf) - pos - 2, fmt, *(value + pos), value + pos + 1); + snprintf(buf + pos, sizeof(buf) - pos - 2, + insert && newchar ? "[]%c%s" : "[%c]%s", + *(value + pos), value + pos + 1); int width = cSkinDisplay::Current()->EditableWidth(); if (font->Width(buf) <= width) { // the whole buffer fits on the screen diff -urNad vdr-1.3.44~/recording.c vdr-1.3.44/recording.c --- vdr-1.3.44~/recording.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/recording.c 2006-03-03 22:44:59.368751304 +0000 @@ -1049,7 +1049,7 @@ bool cMark::Save(FILE *f) { - return fprintf(f, ToText()) > 0; + return fprintf(f, "%s", *ToText()) > 0; } // --- cMarks ---------------------------------------------------------------- diff -urNad vdr-1.3.44~/svdrp.c vdr-1.3.44/svdrp.c --- vdr-1.3.44~/svdrp.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/svdrp.c 2006-03-03 22:44:49.757371043 +0000 @@ -461,7 +461,7 @@ q += sprintf(q, "%*s", -MAXHELPTOPIC, topic); } x = 0; - Reply(-214, buffer); + Reply(-214, "%s", buffer); } } @@ -782,7 +782,7 @@ cBase64Encoder Base64(Image, ImageSize); const char *s; while ((s = Base64.NextLine()) != NULL) - Reply(-216, s); + Reply(-216, "%s", s); Reply(216, "Grabbed image %s", Option); } free(Image); @@ -799,7 +799,7 @@ if (*Option) { const char *hp = GetHelpPage(Option, HelpPages); if (hp) - Reply(214, hp); + Reply(214, "%s", hp); else { Reply(504, "HELP topic \"%s\" unknown", Option); return; @@ -1332,7 +1332,7 @@ if (*cmd && *option) { const char *hp = GetHelpPage(option, plugin->SVDRPHelpPages()); if (hp) { - Reply(-214, hp); + Reply(-214, "%s", hp); Reply(214, "End of HELP info"); } else @@ -1358,7 +1358,7 @@ int ReplyCode = 900; cString s = plugin->SVDRPCommand(cmd, option, ReplyCode); if (s) - Reply(abs(ReplyCode), *s); + Reply(abs(ReplyCode), "%s", *s); else Reply(500, "Command unrecognized: \"%s\"", cmd); } @@ -1380,7 +1380,7 @@ { delete PUTEhandler; PUTEhandler = new cPUTEhandler; - Reply(PUTEhandler->Status(), PUTEhandler->Message()); + Reply(PUTEhandler->Status(), "%s", PUTEhandler->Message()); if (PUTEhandler->Status() != 354) DELETENULL(PUTEhandler); } @@ -1467,7 +1467,7 @@ // handle PUTE data: if (PUTEhandler) { if (!PUTEhandler->Process(Cmd)) { - Reply(PUTEhandler->Status(), PUTEhandler->Message()); + Reply(PUTEhandler->Status(), "%s", PUTEhandler->Message()); DELETENULL(PUTEhandler); } return; diff -urNad vdr-1.3.44~/thread.c vdr-1.3.44/thread.c --- vdr-1.3.44~/thread.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/thread.c 2006-03-03 22:44:49.757371043 +0000 @@ -208,7 +208,7 @@ childTid = 0; childThreadId = 0; description = NULL; - SetDescription(Description); + SetDescription("%s", Description); } cThread::~cThread() diff -urNad vdr-1.3.44~/vdr.c vdr-1.3.44/vdr.c --- vdr-1.3.44~/vdr.c 2006-03-03 22:44:48.000000000 +0000 +++ vdr-1.3.44/vdr.c 2006-03-03 22:44:49.757371043 +0000 @@ -1067,7 +1067,7 @@ } if (UserShutdown && Next && Delta <= Setup.MinEventTimeout * 60 && !ForceShutdown) { char *buf; - asprintf(&buf, tr("Recording in %d minutes, shut down anyway?"), Delta / 60); + asprintf(&buf, tr("Recording in %ld minutes, shut down anyway?"), Delta / 60); if (Interface->Confirm(buf)) ForceShutdown = true; else
