Message ID | 20221115071935.1020799-1-sw@weilnetz.de (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | [for-7.2] Add G_GNUC_PRINTF to function qemu_set_info_str and fix related issues | expand |
On Tue, 15 Nov 2022 at 07:20, Stefan Weil via <qemu-devel@nongnu.org> wrote: > > With the G_GNUC_PRINTF function attribute the compiler detects > two potential insecure format strings: > > ../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > ../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > > There are also two other warnings: > > ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] > 182 | qemu_set_info_str(&s->nc, ""); > | ^~ > ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] > 170 | qemu_set_info_str(&s->nc, ""); > > Signed-off-by: Stefan Weil <sw@weilnetz.de> > --- Reviewed-by: Peter Maydell <peter.maydell@linaro.org> thanks -- PMM
On 15/11/22 08:19, Stefan Weil via wrote: > With the G_GNUC_PRINTF function attribute the compiler detects > two potential insecure format strings: > > ../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > ../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] > qemu_set_info_str(&s->nc, uri); > ^~~ > > There are also two other warnings: > > ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] > 182 | qemu_set_info_str(&s->nc, ""); > | ^~ > ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] > 170 | qemu_set_info_str(&s->nc, ""); > > Signed-off-by: Stefan Weil <sw@weilnetz.de> > --- > include/net/net.h | 3 ++- > net/socket.c | 2 +- > net/stream.c | 6 +++--- > 3 files changed, 6 insertions(+), 5 deletions(-) Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff --git a/include/net/net.h b/include/net/net.h index 3db75ff841..dc20b31e9f 100644 --- a/include/net/net.h +++ b/include/net/net.h @@ -177,7 +177,8 @@ ssize_t qemu_send_packet_async(NetClientState *nc, const uint8_t *buf, void qemu_purge_queued_packets(NetClientState *nc); void qemu_flush_queued_packets(NetClientState *nc); void qemu_flush_or_purge_queued_packets(NetClientState *nc, bool purge); -void qemu_set_info_str(NetClientState *nc, const char *fmt, ...); +void qemu_set_info_str(NetClientState *nc, + const char *fmt, ...) G_GNUC_PRINTF(2, 3); void qemu_format_nic_info_str(NetClientState *nc, uint8_t macaddr[6]); bool qemu_has_ufo(NetClientState *nc); bool qemu_has_vnet_hdr(NetClientState *nc); diff --git a/net/socket.c b/net/socket.c index 4944bb70d5..e62137c839 100644 --- a/net/socket.c +++ b/net/socket.c @@ -179,7 +179,7 @@ static void net_socket_send(void *opaque) s->fd = -1; net_socket_rs_init(&s->rs, net_socket_rs_finalize, false); s->nc.link_down = true; - qemu_set_info_str(&s->nc, ""); + qemu_set_info_str(&s->nc, "%s", ""); return; } diff --git a/net/stream.c b/net/stream.c index 53b7040cc4..37ff727e0c 100644 --- a/net/stream.c +++ b/net/stream.c @@ -167,7 +167,7 @@ static gboolean net_stream_send(QIOChannel *ioc, net_socket_rs_init(&s->rs, net_stream_rs_finalize, false); s->nc.link_down = true; - qemu_set_info_str(&s->nc, ""); + qemu_set_info_str(&s->nc, "%s", ""); qapi_event_send_netdev_stream_disconnected(s->nc.name); @@ -245,7 +245,7 @@ static void net_stream_listen(QIONetListener *listener, } g_assert(addr != NULL); uri = socket_uri(addr); - qemu_set_info_str(&s->nc, uri); + qemu_set_info_str(&s->nc, "%s", uri); g_free(uri); qapi_event_send_netdev_stream_connected(s->nc.name, addr); qapi_free_SocketAddress(addr); @@ -319,7 +319,7 @@ static void net_stream_client_connected(QIOTask *task, gpointer opaque) addr = qio_channel_socket_get_remote_address(sioc, NULL); g_assert(addr != NULL); uri = socket_uri(addr); - qemu_set_info_str(&s->nc, uri); + qemu_set_info_str(&s->nc, "%s", uri); g_free(uri); ret = qemu_socket_try_set_nonblock(sioc->fd);
With the G_GNUC_PRINTF function attribute the compiler detects two potential insecure format strings: ../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] qemu_set_info_str(&s->nc, uri); ^~~ ../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security] qemu_set_info_str(&s->nc, uri); ^~~ There are also two other warnings: ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] 182 | qemu_set_info_str(&s->nc, ""); | ^~ ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length] 170 | qemu_set_info_str(&s->nc, ""); Signed-off-by: Stefan Weil <sw@weilnetz.de> --- include/net/net.h | 3 ++- net/socket.c | 2 +- net/stream.c | 6 +++--- 3 files changed, 6 insertions(+), 5 deletions(-)