From 1d5308d08220927e7ec881c99d50930a00175331 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ralf=20Cors=C3=A9pius?= <corsepiu@fedoraproject.org>
Date: Wed, 17 Feb 2016 15:17:00 +0100
Subject: [PATCH 7/9] dx-format-security

---
 src/exec/dpexec/dxmain.c         |  4 ++--
 src/exec/dpexec/lex.c            |  2 +-
 src/exec/dxmods/colormap.c       |  4 ++--
 src/exec/dxmods/exp_gai.c        | 24 ++++++++++++------------
 src/uipp/dxl/conn.c              |  2 +-
 src/uipp/dxui/SelectionNode.C    |  2 +-
 src/uipp/dxuilib/DXApplication.C | 12 ++++++------
 7 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/src/exec/dpexec/dxmain.c b/src/exec/dpexec/dxmain.c
index ce42d2c..7bb4982 100644
--- a/src/exec/dpexec/dxmain.c
+++ b/src/exec/dpexec/dxmain.c
@@ -2129,7 +2129,7 @@ int ExCheckInput ()
     if ((SFILEisatty(yyin) || (_dxd_exRshInput && yyin == _dxd_exBaseFD)) &&
             !prompted && _dxf_ExGQAllDone() && !SFILECharReady(yyin)) {
         prompt = _dxf_ExPromptGet(PROMPT_ID_PROMPT);
-        printf (prompt? prompt: EX_PROMPT);
+        printf ("%s", prompt? prompt: EX_PROMPT);
         fflush (stdout);
         prompted = TRUE;
     }
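Review bot: No formatting is done at this call, so `fputs(prompt ? prompt : EX_PROMPT, stdout);` would state the intent more directly than `printf ("%s", ...)` and leave no format string to get wrong later. The same applies to the macro body in the second dxmain.c hunk and to the `EX_CPROMPT` call in lex.c, where the added line also drops the space after the comma that the other two keep. ExCheckInput starts and ends outside the hunk.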
@@ -2305,7 +2305,7 @@ static int ExInputAvailable (SFILE *fp)
 	_dxf_ExGQAllDone ())\
     {\
 	prompt = _dxf_ExPromptGet (PROMPT_ID_PROMPT);\
-	printf (prompt ? prompt : EX_PROMPT);\
+	printf ("%s", prompt ? prompt : EX_PROMPT);\
 	fflush (stdout);\
 	prompted = TRUE;\
     }\
diff --git a/src/exec/dpexec/lex.c b/src/exec/dpexec/lex.c
index 37032e1..867d11f 100644
--- a/src/exec/dpexec/lex.c
+++ b/src/exec/dpexec/lex.c
@@ -649,7 +649,7 @@ int yylex(YYSTYPE *lvalp)
 		    if ((_dxd_exIsatty || _dxd_exRshInput) && !SFILECharReady(yyin))
 		    {
 			prompt = _dxf_ExPromptGet(PROMPT_ID_CPROMPT);
-			printf (prompt? prompt: EX_CPROMPT);
+			printf ("%s",prompt? prompt: EX_CPROMPT);
 			fflush (stdout);
 		    }
 		    break;
diff --git a/src/exec/dxmods/colormap.c b/src/exec/dxmods/colormap.c
index 28b31ab..0c81f37 100644
--- a/src/exec/dxmods/colormap.c
+++ b/src/exec/dxmods/colormap.c
@@ -1167,7 +1167,7 @@ Error print_map(Field f,char *component,char *name, char *id)
       if (!ei.msgbuf)
 	 return ERROR;
       ei.mp = ei.msgbuf;
-      sprintf(ei.mp,name);  while(*ei.mp) ei.mp++;
+      sprintf("%s",ei.mp,name);  while(*ei.mp) ei.mp++;
       sprintf(ei.mp, "NULL");
       DXUIMessage(id,ei.msgbuf);
       DXFree(ei.msgbuf);
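Review bot: The arguments of the rewritten call are in the wrong order: `sprintf("%s",ei.mp,name)` passes the literal `"%s"` as the destination buffer and `ei.mp` as the format string. The write therefore targets a string literal, which is undefined behaviour, while the contents of `ei.mp` are still interpreted as a format and nothing is appended to `ei.msgbuf`. The line should read `sprintf(ei.mp,"%s",name);`, and the second print_map hunk (`@@ -1186,7 +1186,7 @@`) has the same swapped call and needs the same correction. In C a string literal converts to `char *` without a diagnostic, so this likely compiles cleanly and only silences the warning. How `msgbuf` is sized is outside both hunks, so whether `name` fits cannot be checked from here.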
@@ -1186,7 +1186,7 @@ Error print_map(Field f,char *component,char *name, char *id)
    ei.mp = ei.msgbuf;
    shape[0]=2;
    strcpy(ei.mp,"");
-   sprintf(ei.mp,name); while(*ei.mp) ei.mp++;
+   sprintf("%s",ei.mp,name); while(*ei.mp) ei.mp++;
    if (num==1){
       sprintf(ei.mp,"{"); ei.mp++;
    }
diff --git a/src/exec/dxmods/exp_gai.c b/src/exec/dxmods/exp_gai.c
index 3701f58..16705b3 100644
--- a/src/exec/dxmods/exp_gai.c
+++ b/src/exec/dxmods/exp_gai.c
@@ -422,7 +422,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -439,7 +439,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -456,7 +456,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -473,7 +473,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -490,7 +490,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -507,7 +507,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -524,7 +524,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -541,7 +541,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 	    if (first == ON) 
 	       first = OFF;
 	    else
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    if (blank == ON) 
 	       pblank(arinfo,h);
 	    else
@@ -554,7 +554,7 @@ static Error pvalue(struct array_info *arinfo,struct how *h,int item,int blank,i
 				  arinfo->last,scratch);
 	 arinfo->last = (Pointer)nextstr;
 	 if (first == OFF)
-	    fprintf(h->dfp,del);
+	    fprintf(h->dfp,"%s",del);
 	 if (blank == ON)
 	    pblank(arinfo,h);
 	 else {
@@ -830,7 +830,7 @@ static void field_header(Field f,struct how *h)
       if (rank > 0) {
 	 for (i=0; i<shape[0]; i++){
 	    if (i > 0)
-	       fprintf(h->dfp,del);
+	       fprintf(h->dfp,"%s",del);
 	    fprintf(h->dfp,"positions_cmp%d",i);
 	 }
       }
@@ -845,13 +845,13 @@ static void field_header(Field f,struct how *h)
           !strcmp("positions",depon) && strcmp("invalid positions",name) 
 	  && strcmp("positions",name) ) {
 	 if (first == OFF) 
-	    fprintf(h->dfp,del);
+	    fprintf(h->dfp,"%s",del);
 	 DXGetArrayInfo((Array)a,NULL,&type,NULL,&rank,shape);
 	 /* dim = (rank < 1) ? 1 : shape[0]; */
 	 if (type != TYPE_STRING && rank > 0 && shape[0] > 1) {
 	    cmp = (char *)DXAllocate(strlen(name)+6);
 	    for (j=0; j<shape[0]; j++) {
-	       if (j > 0) fprintf(h->dfp, del);
+	       if (j > 0) fprintf(h->dfp, "%s", del);
 	       sprintf(cmp,"%s_cmp%d",name,j);
 	       pstring(h->dfp,0,0,0,cmp);
 	    }
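Review bot: `cmp` is allocated with `strlen(name)+6` bytes, but `sprintf(cmp,"%s_cmp%d",name,j)` needs `strlen(name)` plus 4 for `_cmp`, the digits of `j` and 1 for the terminator, so any `j >= 10` writes past the allocation. The result of `DXAllocate` is also passed to `sprintf` without a NULL check in the visible lines. Sizing for the widest index and bounding the write would close this, e.g. `cmp = (char *)DXAllocate(strlen(name)+16);` with a NULL check, and `snprintf(cmp, strlen(name)+16, "%s_cmp%d", name, j);`. field_header continues outside the hunk, so a later check or free is not visible here.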
diff --git a/src/uipp/dxl/conn.c b/src/uipp/dxl/conn.c
index e885c6a..571834a 100644
--- a/src/uipp/dxl/conn.c
+++ b/src/uipp/dxl/conn.c
@@ -389,7 +389,7 @@ DXLStartChild(const char *string, const char *host, int* inp, int* outp, int* er
 	    char buf[2048];
 	    int n = read(err,buf,2048);
 	    buf[n] = '\0';
-	    fprintf(stderr,buf);
+	    fprintf(stderr,"%s",buf);
 	}
 #if defined(intelnt) || defined(WIN32)
     TerminateProcess(child, -1);
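Review bot: The terminator write `buf[n] = '\0'` just above the changed line is out of bounds in two cases the patch leaves alone: `read()` may return 2048, which indexes one past the 2048-byte `buf`, and it may return -1, which writes before the buffer. Reading at most `sizeof(buf)-1` bytes and printing only on success closes both: `int n = read(err,buf,sizeof(buf)-1);` followed by `if (n > 0) { buf[n] = '\0'; fprintf(stderr,"%s",buf); }`. DXLStartChild starts and ends outside the hunk.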
diff --git a/src/uipp/dxui/SelectionNode.C b/src/uipp/dxui/SelectionNode.C
index fbe9fa8..2dcf172 100644
--- a/src/uipp/dxui/SelectionNode.C
+++ b/src/uipp/dxui/SelectionNode.C
@@ -960,7 +960,7 @@ boolean SelectionNode::printJavaValue (FILE* jf)
 	ListIterator it(selection_stmts);
 	char* cp;
 	while ( (cp = (char*)it.getNext()) ) {
-	    fprintf (jf, cp);
+	    fprintf (jf, "%s", cp);
 	    delete cp;
 	}
     }
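Review bot: `delete cp;` on the line after the change releases a `char*` with scalar `delete`. If the strings stored in `selection_stmts` were allocated with `new char[...]` (the allocation is not visible in this hunk), that is a mismatch and the line should be `delete[] cp;`. Since nothing is formatted, `fputs(cp, jf);` would also do here. printJavaValue starts and ends outside the hunk.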
diff --git a/src/uipp/dxuilib/DXApplication.C b/src/uipp/dxuilib/DXApplication.C
index b853b77..6be6f72 100644
--- a/src/uipp/dxuilib/DXApplication.C
+++ b/src/uipp/dxuilib/DXApplication.C
@@ -2553,7 +2553,7 @@ boolean DXApplication::initialize(int* argcp,
 		const char* errmsg = 
 			GraphLayout::SetHeightPerLevel (DXApplication::resource.autoLayoutHeight);
 		if (errmsg) {
-			fprintf (stderr, errmsg);
+			fprintf (stderr, "%s", errmsg);
 			return FALSE;
 		}
 	}
@@ -2561,7 +2561,7 @@ boolean DXApplication::initialize(int* argcp,
 		const char* errmsg = 
 			GraphLayout::SetGroupSpacing (DXApplication::resource.autoLayoutGroupSpacing);
 		if (errmsg) {
-			fprintf (stderr, errmsg);
+			fprintf (stderr, "%s", errmsg);
 			return FALSE;
 		}
 	}
@@ -2569,7 +2569,7 @@ boolean DXApplication::initialize(int* argcp,
 		const char* errmsg = 
 			GraphLayout::SetNodeSpacing (DXApplication::resource.autoLayoutNodeSpacing);
 		if (errmsg) {
-			fprintf (stderr, errmsg);
+			fprintf (stderr, "%s", errmsg);
 			return FALSE;
 		}
 	}
@@ -3787,7 +3787,7 @@ error:
     if (this->anchor)
 	InfoMessage(msg);
     else
-	fprintf(stderr,msg);
+	fprintf(stderr,"%s",msg);
 
     return NULL;
 }
@@ -5019,7 +5019,7 @@ DXApplication_HandleCoreDump(int dummy)
 	fprintf (stderr, "Attempting to save any modified files.\n"
 	    "Please check saved files for integrity by reloading them.\n");
  	theDXApplication->emergencySave (msg);
- 	fprintf (stderr, msg);
+ 	fprintf (stderr, "%s", msg);
     }
 
     fprintf(stderr,"The application will now abort.\n");
@@ -5035,7 +5035,7 @@ void DXApplication::abortApplication()
     if (theDXApplication) {
 	char msg[4096];	
 	this->emergencySave(msg);
- 	fprintf(stderr, msg);
+ 	fprintf(stderr, "%s", msg);
     }
 
     this->IBMApplication::abortApplication();
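Review bot: `this->emergencySave(msg)` is handed the 4096-byte stack buffer `msg` with no length, so the callee cannot bound what it writes; the same call shape appears in the DXApplication_HandleCoreDump hunk. If the message is built from saved file names (emergencySave is not visible here), a long enough path could overrun the buffer before the now-safe `fprintf(stderr, "%s", msg);` is reached. It is worth confirming that emergencySave limits its output to 4096 bytes, or passing the size explicitly in a follow-up change. The guard also tests `theDXApplication` while the call goes through `this`, which is worth a comment if intentional.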
-- 
2.9.3