Christian Weisgerber <na...@mips.inka.de> wrote: > This includes the list of remaining ports with %n warnings: > > editors/cooledit > mail/exim > misc/brltty > net/climm > security/gnupg > sysutils/cdrtools > x11/fvwm2
I don't want to do ports development, but I am the one making %n walk the plank, so I should lift some fingers. Here are some potential diffs for the above, I ask ports people to consider, test, and shepard them forward if they are good enough. I have ordered them from least offensive to most offensive. It gets kind of dark towards the end, send your pets and children out of the room. --- brltty-3.6/Programs/cmd.c.save Sun Sep 19 13:31:36 2021 +++ brltty-3.6/Programs/cmd.c Sun Sep 19 13:31:42 2021 @@ -87,8 +87,10 @@ candidate->name, number, candidate->description); } else { int offset; - snprintf(buffer, size, "%s: %n%s", - candidate->name, &offset, candidate->description); + offset = snprintf(buffer, size, "%s: ", + candidate->name); + snprintf(buffer, size, "%s: %s", + candidate->name, candidate->description); if ((blk == 0) && (command & BRL_FLG_TOGGLE_MASK)) { char *description = buffer + offset; --- cdrtools-3.00/cdrecord/cdr_drv.c~ Fri Jul 10 13:44:45 2009 +++ cdrtools-3.00/cdrecord/cdr_drv.c Sun Sep 19 13:42:15 2021 @@ -283,8 +283,8 @@ error("Driver types:\n"); for (d = drivers; *d != (cdr_t *)NULL; d++) { - error("%s%n", - (*d)->cdr_drname, &n); + n = error("%s", + (*d)->cdr_drname); error("%*s%s\n", 20-n, "", (*d)->cdr_drtext); --- fvwm-2.6.9/libs/Module.c.save Sun Sep 19 13:34:24 2021 +++ fvwm-2.6.9/libs/Module.c Sun Sep 19 13:34:42 2021 @@ -497,7 +497,7 @@ return NULL; } /* print the number into the string */ - sprintf(dest, "%d%n", val, &offset); + offset = sprintf(dest, "%d", val); dest += offset; } else if (is_string) @@ -512,7 +512,7 @@ /* print the colour name into the string */ if (string) { - sprintf(dest, "%s%n", string, &offset); + offset = sprintf(dest, "%s", string); dest += offset; } } --- fvwm2-2.6.9/fvwm-2.6.9/libs/ColorUtils.c.save Sun Sep 19 13:49:04 2021 +++ fvwm2-2.6.9/fvwm-2.6.9/libs/ColorUtils.c Sun Sep 19 13:49:19 2021 @@ -405,15 +405,15 @@ XQueryColor(dpy, cmap, &color); if (!use_hash) { - sprintf( - output, "rgb:%04x/%04x/%04x%n", (int)color.red, - (int)color.green, (int)color.blue, &n); + n = sprintf( + output, "rgb:%04x/%04x/%04x", (int)color.red, + (int)color.green, (int)color.blue); } else { - sprintf( - output, "#%04x%04x%04x%n", (int)color.red, - (int)color.green, (int)color.blue, &n); + n = sprintf( + output, "#%04x%04x%04x", (int)color.red, + (int)color.green, (int)color.blue); } return n; --- gnupg-2.2.30/g10/keylist.c~ Thu May 20 23:35:23 2021 +++ gnupg-2.2.30/g10/keylist.c Sun Sep 19 13:53:53 2021 @@ -255,12 +255,11 @@ else s2k_char = '#'; /* Key not found. */ - tty_fprintf (fp, "%s%c %s/%s %n", + indent = tty_fprintf (fp, "%s%c %s/%s ", node->pkt->pkttype == PKT_PUBLIC_KEY ? "sec" : "ssb", s2k_char, pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), - keystr_from_pk (pk), - &indent); + keystr_from_pk (pk)); tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk)); tty_fprintf (fp, " "); tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk)); --- gnupg-2.2.30/common/ttyio.h~ Thu May 20 23:35:23 2021 +++ gnupg-2.2.30/common/ttyio.h Sun Sep 19 13:53:11 2021 @@ -36,14 +36,14 @@ const char *tty_get_ttyname (void); int tty_batchmode (int onoff); #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ) -void tty_printf (const char *fmt, ... ) +int tty_printf (const char *fmt, ... ) __attribute__ ((format (printf,1,2))); void tty_fprintf (estream_t fp, const char *fmt, ... ) __attribute__ ((format (printf,2,3))); char *tty_getf (const char *promptfmt, ... ) __attribute__ ((format (printf,1,2))); #else -void tty_printf (const char *fmt, ... ); +int tty_printf (const char *fmt, ... ); void tty_fprintf (estream_t fp, const char *fmt, ... ); char *tty_getf (const char *promptfmt, ... ); #endif --- gnupg-2.2.30/common/ttyio.c~ Mon Jun 21 23:35:05 2021 +++ gnupg-2.2.30/common/ttyio.c Sun Sep 19 13:52:57 2021 @@ -260,13 +260,14 @@ #endif /*HAVE_W32_SYSTEM*/ -void +int tty_printf (const char *fmt, ... ) { va_list arg_ptr; + int ret; if (no_terminal) - return; + return 0; if (!initialized) init_ttyfp (); @@ -277,7 +278,7 @@ { char *buf = NULL; - vasprintf(&buf, fmt, arg_ptr); + ret = vasprintf(&buf, fmt, arg_ptr); if (!buf) log_bug ("vasprintf() failed\n"); w32_write_console (buf); @@ -288,6 +289,7 @@ fflush (ttyfp); #endif /* Unix */ va_end(arg_ptr); + return ret; } --- gnupg-2.2.30/agent/protect.c.save Sun Sep 19 14:29:08 2021 +++ gnupg-2.2.30/agent/protect.c Sun Sep 19 14:29:52 2021 @@ -563,24 +563,59 @@ and dummy values as placeholders. */ { char countbuf[35]; + char *p1 = NULL, *p2 = NULL, *p3 = NULL; - snprintf (countbuf, sizeof countbuf, "%lu", - s2k_count ? s2k_count : get_standard_s2k_count ()); +#define FMT1 "(9:protected%d:%s((4:sha18:" +#define FMT2 "_8bytes_%u:%s)%d:" +#define FMT3 "%*s)%d:" + + p1 = xtryasprintf + (FMT1, + (int)strlen (modestr), modestr); + if (!p1) + goto fail; + saltpos = strlen(p1); + + p2 = xtryasprintf + (FMT1 FMT2, + (int)strlen (modestr), modestr, + (unsigned int)strlen (countbuf), countbuf, + use_ocb? 12 : blklen); + if (!p2) + goto fail; + ivpos = strlen(p2); + + p3 = xtryasprintf + (FMT1 FMT2 FMT3, + (int)strlen (modestr), modestr, + (unsigned int)strlen (countbuf), countbuf, + use_ocb? 12 : blklen, use_ocb? 12 : blklen, "", + enclen); + if (!p3) + goto fail; + encpos = strlen(p3); + p = xtryasprintf - ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)", + (FMT1 FMT2 FMT3 "%*s)", (int)strlen (modestr), modestr, - &saltpos, (unsigned int)strlen (countbuf), countbuf, - use_ocb? 12 : blklen, &ivpos, use_ocb? 12 : blklen, "", - enclen, &encpos, enclen, ""); + use_ocb? 12 : blklen, use_ocb? 12 : blklen, "", + enclen, enclen, ""); + if (!p) { +fail: + free(p1); + free(p2); + free(p3); gpg_error_t tmperr = out_of_core (); xfree (iv); xfree (outbuf); return tmperr; } - + free(p1); + free(p2); + free(p3); } *resultlen = strlen (p); *result = (unsigned char*)p;