From 2c76660566d026d430305231e72c259372de4380 Mon Sep 17 00:00:00 2001

From: Lubomir Rintel <lkundrak@v3.sk>

Date: Wed, 4 Dec 2013 23:17:10 +0100

Subject: [PATCH] Fix build with -Werror=format-security

Fedora, starting with version 21, will enable this flag in order to limit

potentially insecure uses of format strings. It is required for format strings

to be constant now.

---

 cmdline/cmdline_afp.c     |  4 ++--

 cmdline/cmdline_testafp.c | 12 ++++++------

 fuse/client.c             |  5 +----

 fuse/commands.c           |  4 ++--

 lib/afp_url.c             | 12 ++++++------

 5 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/cmdline/cmdline_afp.c b/cmdline/cmdline_afp.c

index 827150b..59f0977 100644

--- a/cmdline/cmdline_afp.c

+++ b/cmdline/cmdline_afp.c

@@ -828,11 +828,11 @@ int com_status(char * arg)

 	char text[40960];

 	afp_status_header(text,&len;;

-	printf(text);

+	printf("%s", text);

 	len=40960;

 	afp_status_server(server,text,&len;;

-	printf(text);

+	printf("%s", text);

 	return 0;

 }

diff --git a/cmdline/cmdline_testafp.c b/cmdline/cmdline_testafp.c

index c40f2bd..f887aec 100644

--- a/cmdline/cmdline_testafp.c

+++ b/cmdline/cmdline_testafp.c

@@ -26,12 +26,12 @@ static int test_one_url(char * url_string,

 	struct afp_url valid_url;

 	afp_default_url(&valid_url);

 	valid_url.protocol=protocol;

-	sprintf(valid_url.servername,servername);

-	sprintf(valid_url.volumename,volumename);

-	sprintf(valid_url.path,path);

-	sprintf(valid_url.username,username);

-	sprintf(valid_url.password,password);

-	sprintf(valid_url.uamname,uamname);

+	snprintf(valid_url.servername,sizeof(valid_url.servername),"%s",servername);

+	snprintf(valid_url.volumename,sizeof(valid_url.volumename),"%s",volumename);

+	snprintf(valid_url.path,sizeof(valid_url.path),"%s",path);

+	snprintf(valid_url.username,sizeof(valid_url.username),"%s",username);

+	snprintf(valid_url.password,sizeof(valid_url.password),"%s",password);

+	snprintf(valid_url.uamname,(valid_url.uamname),"%s",uamname);

 	valid_url.port=port;

 	if (afp_url_validate(url_string,&valid_url)) 

diff --git a/fuse/client.c b/fuse/client.c

index f795ca6..d19e9ef 100644

--- a/fuse/client.c

+++ b/fuse/client.c

@@ -509,7 +509,6 @@ static int prepare_buffer(int argc, char * argv[])

 int read_answer(int sock) {

 	int len=0, expected_len=0, packetlen;

 	char incoming_buffer[MAX_CLIENT_RESPONSE];

-	char toprint[MAX_CLIENT_RESPONSE+200];

 	struct timeval tv;

 	fd_set rds,ords;

 	int ret;

@@ -546,9 +545,7 @@ int read_answer(int sock) {

 	}

 done:

-	memset(toprint,0,MAX_CLIENT_RESPONSE+200);

-	snprintf(toprint,MAX_CLIENT_RESPONSE+200,"%s",incoming_buffer+sizeof(*answer));

-	printf(toprint);

+	printf("%.200s",incoming_buffer+sizeof(*answer));

 	return ((struct afp_server_response *) incoming_buffer)->result;

 	return 0;

diff --git a/fuse/commands.c b/fuse/commands.c

index aa7444d..bb06928 100644

--- a/fuse/commands.c

+++ b/fuse/commands.c

@@ -163,6 +163,7 @@ static void fuse_log_for_client(void * priv,

 		len = strlen(c->client_string);

 		snprintf(c->client_string+len,

 			MAX_CLIENT_RESPONSE-len,

+			"%s",

 			message);

 	} else {

@@ -468,7 +468,7 @@ static int process_mount(struct fuse_client * c)

 	volume->mapping=req->map;

 	afp_detect_mapping(volume);

-	snprintf(volume->mountpoint,255,req->mountpoint);

+	snprintf(volume->mountpoint,255,"%s",req->mountpoint);

 	/* Create the new thread and block until we get an answer back */

 	{

diff --git a/lib/afp_url.c b/lib/afp_url.c

index 42bac1c..f152d7b 100644

--- a/lib/afp_url.c

+++ b/lib/afp_url.c

@@ -233,7 +233,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)

 		}

 	}

-	snprintf(url->servername,strlen(p)+1,p);

+	snprintf(url->servername,strlen(p)+1,"%s",p);

 	if (check_servername(url->servername)) {

 			if (verbose) printf("This isn't a valid servername\n");

 			return -1;

@@ -263,7 +263,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)

 	if ((q=escape_strrchr(p,':',":"))) {

 		*q='\0';

 		q++;

-		snprintf(url->password,strlen(q)+1,q);

+		snprintf(url->password,strlen(q)+1,"%s",q);

 		if (check_password(url->password)) {

 			if (verbose) printf("This isn't a valid passwd\n");

 			return -1;

@@ -276,7 +276,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)

 	if ((q=strstr(p,";AUTH="))) {

 		*q='\0';

 		q+=6;

-		snprintf(url->uamname,strlen(q)+1,q);

+		snprintf(url->uamname,strlen(q)+1,"%s",q);

 		if (check_uamname(url->uamname)) {

 			if (verbose) printf("This isn't a valid uamname\n");

 			return -1;

@@ -284,7 +284,7 @@ int afp_parse_url(struct afp_url * url, const char * toparse, int verbose)

 	}

 	if (strlen(p)>0) {

-		snprintf(url->username,strlen(p)+1,p);

+		snprintf(url->username,strlen(p)+1,"%s",p);

 		if (check_username(url->username)) {

 			if (verbose) printf("This isn't a valid username\n");

 			return -1;;

@@ -304,12 +304,12 @@ parse_secondpart:

 		*q='\0';

 		q++;

 	}

-	snprintf(url->volumename,strlen(p)+1,p);

+	snprintf(url->volumename,strlen(p)+1,"%s",p);

 	if (q) {

 		url->path[0]='/';

-		snprintf(url->path+1,strlen(q)+1,q);

+		snprintf(url->path+1,strlen(q)+1,"%s",q);

 	}

 done:

-- 

1.8.4.2