diff mbox series

[for-7.2] Add G_GNUC_PRINTF to function qemu_set_info_str and fix related issues

Message ID 20221115071935.1020799-1-sw@weilnetz.de (mailing list archive)
State New, archived
Headers show
Series [for-7.2] Add G_GNUC_PRINTF to function qemu_set_info_str and fix related issues | expand

Commit Message

Stefan Weil Nov. 15, 2022, 7:19 a.m. UTC
With the G_GNUC_PRINTF function attribute the compiler detects
two potential insecure format strings:

../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
    qemu_set_info_str(&s->nc, uri);
                              ^~~
../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
    qemu_set_info_str(&s->nc, uri);
                              ^~~

There are also two other warnings:

../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
  182 |         qemu_set_info_str(&s->nc, "");
      |                                   ^~
../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
  170 |         qemu_set_info_str(&s->nc, "");

Signed-off-by: Stefan Weil <sw@weilnetz.de>
---
 include/net/net.h | 3 ++-
 net/socket.c      | 2 +-
 net/stream.c      | 6 +++---
 3 files changed, 6 insertions(+), 5 deletions(-)

Comments

Peter Maydell Nov. 15, 2022, 10:55 a.m. UTC | #1
On Tue, 15 Nov 2022 at 07:20, Stefan Weil via <qemu-devel@nongnu.org> wrote:
>
> With the G_GNUC_PRINTF function attribute the compiler detects
> two potential insecure format strings:
>
> ../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
>     qemu_set_info_str(&s->nc, uri);
>                               ^~~
> ../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
>     qemu_set_info_str(&s->nc, uri);
>                               ^~~
>
> There are also two other warnings:
>
> ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
>   182 |         qemu_set_info_str(&s->nc, "");
>       |                                   ^~
> ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
>   170 |         qemu_set_info_str(&s->nc, "");
>
> Signed-off-by: Stefan Weil <sw@weilnetz.de>
> ---

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM
Philippe Mathieu-Daudé Nov. 15, 2022, 11:10 a.m. UTC | #2
On 15/11/22 08:19, Stefan Weil via wrote:
> With the G_GNUC_PRINTF function attribute the compiler detects
> two potential insecure format strings:
> 
> ../../../net/stream.c:248:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
>      qemu_set_info_str(&s->nc, uri);
>                                ^~~
> ../../../net/stream.c:322:31: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
>      qemu_set_info_str(&s->nc, uri);
>                                ^~~
> 
> There are also two other warnings:
> 
> ../../../net/socket.c:182:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
>    182 |         qemu_set_info_str(&s->nc, "");
>        |                                   ^~
> ../../../net/stream.c:170:35: warning: zero-length gnu_printf format string [-Wformat-zero-length]
>    170 |         qemu_set_info_str(&s->nc, "");
> 
> Signed-off-by: Stefan Weil <sw@weilnetz.de>
> ---
>   include/net/net.h | 3 ++-
>   net/socket.c      | 2 +-
>   net/stream.c      | 6 +++---
>   3 files changed, 6 insertions(+), 5 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff mbox series

Patch

diff --git a/include/net/net.h b/include/net/net.h
index 3db75ff841..dc20b31e9f 100644
--- a/include/net/net.h
+++ b/include/net/net.h
@@ -177,7 +177,8 @@  ssize_t qemu_send_packet_async(NetClientState *nc, const uint8_t *buf,
 void qemu_purge_queued_packets(NetClientState *nc);
 void qemu_flush_queued_packets(NetClientState *nc);
 void qemu_flush_or_purge_queued_packets(NetClientState *nc, bool purge);
-void qemu_set_info_str(NetClientState *nc, const char *fmt, ...);
+void qemu_set_info_str(NetClientState *nc,
+                       const char *fmt, ...) G_GNUC_PRINTF(2, 3);
 void qemu_format_nic_info_str(NetClientState *nc, uint8_t macaddr[6]);
 bool qemu_has_ufo(NetClientState *nc);
 bool qemu_has_vnet_hdr(NetClientState *nc);
diff --git a/net/socket.c b/net/socket.c
index 4944bb70d5..e62137c839 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -179,7 +179,7 @@  static void net_socket_send(void *opaque)
         s->fd = -1;
         net_socket_rs_init(&s->rs, net_socket_rs_finalize, false);
         s->nc.link_down = true;
-        qemu_set_info_str(&s->nc, "");
+        qemu_set_info_str(&s->nc, "%s", "");
 
         return;
     }
diff --git a/net/stream.c b/net/stream.c
index 53b7040cc4..37ff727e0c 100644
--- a/net/stream.c
+++ b/net/stream.c
@@ -167,7 +167,7 @@  static gboolean net_stream_send(QIOChannel *ioc,
 
         net_socket_rs_init(&s->rs, net_stream_rs_finalize, false);
         s->nc.link_down = true;
-        qemu_set_info_str(&s->nc, "");
+        qemu_set_info_str(&s->nc, "%s", "");
 
         qapi_event_send_netdev_stream_disconnected(s->nc.name);
 
@@ -245,7 +245,7 @@  static void net_stream_listen(QIONetListener *listener,
     }
     g_assert(addr != NULL);
     uri = socket_uri(addr);
-    qemu_set_info_str(&s->nc, uri);
+    qemu_set_info_str(&s->nc, "%s", uri);
     g_free(uri);
     qapi_event_send_netdev_stream_connected(s->nc.name, addr);
     qapi_free_SocketAddress(addr);
@@ -319,7 +319,7 @@  static void net_stream_client_connected(QIOTask *task, gpointer opaque)
     addr = qio_channel_socket_get_remote_address(sioc, NULL);
     g_assert(addr != NULL);
     uri = socket_uri(addr);
-    qemu_set_info_str(&s->nc, uri);
+    qemu_set_info_str(&s->nc, "%s", uri);
     g_free(uri);
 
     ret = qemu_socket_try_set_nonblock(sioc->fd);