This patch was prompted by warnings like this: util.c:56: warning: format not a string literal and no format arguments
and they're legitimate. Imagine a format string contains "%%..." goes through the vnsprintf call, which reduces it to "%...". If the result string is then passed to __virRaiseError as the format string, then *boom*. Instead, use "%s" as the format, with the non-literal as the matching argument. Patch below. I searched the sources for %% and *did* find one potential problem: $ git-grep -B1 %% > k po/ms.po-msgid "too many drivers registered in %s" po/ms.po:msgstr "terlalu banyak spesifikasi penukaran %% pada suffiks" -- src/xend_internal.c- case '\n': src/xend_internal.c: snprintf(ptr, 4, "%%%02x", string[i]); since "% p" does happen to be a valid format string! So if someone using Malaysian messages provoked that particular diagnostic in a code path that takes it through __virRaiseError, bad things might happen. Big "if", of course :-) I didn't try. 2007-11-06 Jim Meyering <[EMAIL PROTECTED]> Avoid risk of format string abuse (also avoids gcc warnings). * src/util.c (ReportError): Use a literal "%s" format string. * src/remote_internal.c (server_error): Likewise. * src/qemu_conf.c (qemudReportError): Likewise.
-- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list