diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-06-30 16:00:30 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-06-30 16:00:30 +0000 |
| commit | b643bb9badf4a995d989b8daf3e33ba8ee6ffda2 (patch) | |
| tree | 87720e8aa60a5b4230d0072dfd2b3d422d7dd1cd /usr.bin/sort | |
| parent | 46239127052c30fac93140fbe021cdd151fdac8a (diff) | |
warnx?/errx? paranoia (use "%s" not a bare string unless it is a
constant). These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).
Diffstat (limited to 'usr.bin/sort')
| -rw-r--r-- | usr.bin/sort/files.c | 8 | ||||
| -rw-r--r-- | usr.bin/sort/msort.c | 6 | ||||
| -rw-r--r-- | usr.bin/sort/sort.c | 16 | ||||
| -rw-r--r-- | usr.bin/sort/tmp.c | 8 |
4 files changed, 19 insertions, 19 deletions
diff --git a/usr.bin/sort/files.c b/usr.bin/sort/files.c index 35208ff7aee..90317da4872 100644 --- a/usr.bin/sort/files.c +++ b/usr.bin/sort/files.c @@ -1,4 +1,4 @@ -/* $OpenBSD: files.c,v 1.5 1997/06/30 05:36:16 millert Exp $ */ +/* $OpenBSD: files.c,v 1.6 2000/06/30 16:00:23 millert Exp $ */ /*- * Copyright (c) 1993 @@ -40,7 +40,7 @@ #if 0 static char sccsid[] = "@(#)files.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: files.c,v 1.5 1997/06/30 05:36:16 millert Exp $"; +static char rcsid[] = "$OpenBSD: files.c,v 1.6 2000/06/30 16:00:23 millert Exp $"; #endif #endif /* not lint */ @@ -157,7 +157,7 @@ makeline(flno, filelist, nfiles, buffer, bufend, dummy2) if (fileno >= nfiles) return (EOF); if (!(fp = fopen(filelist.names[fileno], "r"))) - err(2, filelist.names[fileno]); + err(2, "%s", filelist.names[fileno]); fileno++; } while ((pos < end) && ((c = getc(fp)) != EOF)) { @@ -225,7 +225,7 @@ makekey(flno, filelist, nfiles, buffer, bufend, ftbl) return (EOF); dbdesc = fopen(filelist.names[fileno], "r"); if (!dbdesc) - err(2, filelist.names[fileno]); + err(2, "%s", filelist.names[fileno]); fileno++; get = seq; } diff --git a/usr.bin/sort/msort.c b/usr.bin/sort/msort.c index 6da0e01ef04..ff4877aa615 100644 --- a/usr.bin/sort/msort.c +++ b/usr.bin/sort/msort.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msort.c,v 1.7 1999/05/24 17:57:18 millert Exp $ */ +/* $OpenBSD: msort.c,v 1.8 2000/06/30 16:00:23 millert Exp $ */ /*- * Copyright (c) 1993 @@ -40,7 +40,7 @@ #if 0 static char sccsid[] = "@(#)msort.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: msort.c,v 1.7 1999/05/24 17:57:18 millert Exp $"; +static char rcsid[] = "$OpenBSD: msort.c,v 1.8 2000/06/30 16:00:23 millert Exp $"; #endif #endif /* not lint */ @@ -125,7 +125,7 @@ fmerge(binno, files, nfiles, get, outfp, fput, ftbl) for (i = 0; i < last; i++) if (!(l_fstack[i+MAXFCT-1-16].fp = fopen(files.names[j + i], "r"))) - err(2, files.names[j+i]); + err(2, "%s", files.names[j+i]); merge(MAXFCT-1-16, last, get, tout, put, ftbl); } else { for (i = 0; i< last; i++) diff --git a/usr.bin/sort/sort.c b/usr.bin/sort/sort.c index a070694d9ec..0332a340b6b 100644 --- a/usr.bin/sort/sort.c +++ b/usr.bin/sort/sort.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sort.c,v 1.13 1999/11/30 16:41:41 espie Exp $ */ +/* $OpenBSD: sort.c,v 1.14 2000/06/30 16:00:23 millert Exp $ */ /*- * Copyright (c) 1993 @@ -46,7 +46,7 @@ static char copyright[] = #if 0 static char sccsid[] = "@(#)sort.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: sort.c,v 1.13 1999/11/30 16:41:41 espie Exp $"; +static char rcsid[] = "$OpenBSD: sort.c,v 1.14 2000/06/30 16:00:23 millert Exp $"; #endif #endif /* not lint */ @@ -217,7 +217,7 @@ main(argc, argv) argv[i] = devstdin; } } else if ((ch = access(argv[i], R_OK))) - err(2, argv[i]); + err(2, "%s", argv[i]); } if (!(fldtab->flags & (I|D|N) || fldtab[1].icol.num)) { @@ -271,7 +271,7 @@ main(argc, argv) errno = 0; if (access(outpath, W_OK)) - err(2, outpath); + err(2, "%s", outpath); act.sa_handler = onsig; (void)snprintf(toutpath, sizeof(toutpath), "%sXXXXXXXXXX", outpath); @@ -282,7 +282,7 @@ main(argc, argv) if ((outfd = mkstemp(toutpath)) == -1 || fchmod(outfd, DEFFILEMODE & ~um) == -1 || (outfp = fdopen(outfd, "w")) == 0) - err(2, toutpath); + err(2, "%s", toutpath); outfile = toutpath; (void)atexit(cleanup); @@ -291,14 +291,14 @@ main(argc, argv) } else outfile = outpath; if (outfp == NULL && (outfp = fopen(outfile, "w")) == NULL) - err(2, outfile); + err(2, "%s", outfile); if (mflag) fmerge(-1, filelist, argc-optind, get, outfp, putline, fldtab); else fsort(-1, 0, filelist, argc-optind, outfp, fldtab); if (outfile != outpath) { if (access(outfile, 0)) - err(2, outfile); + err(2, "%s", outfile); (void)unlink(outpath); if (link(outfile, outpath)) err(2, "cannot link %s: output left in %s", @@ -332,7 +332,7 @@ usage(msg) extern char *__progname; if (msg) - warnx(msg); + warnx("%s", msg); (void)fprintf(stderr, "usage: %s [-T dir] [-o output] [-cmubdfinrH] " "[-t char] [-R char] [-k keydef] ... [files]\n", __progname); exit(2); diff --git a/usr.bin/sort/tmp.c b/usr.bin/sort/tmp.c index 58d5a91314f..4f092c2f2dc 100644 --- a/usr.bin/sort/tmp.c +++ b/usr.bin/sort/tmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tmp.c,v 1.2 1997/06/16 02:21:57 millert Exp $ */ +/* $OpenBSD: tmp.c,v 1.3 2000/06/30 16:00:23 millert Exp $ */ /*- * Copyright (c) 1993 @@ -40,7 +40,7 @@ #if 0 static char sccsid[] = "@(#)tmp.c 8.1 (Berkeley) 6/6/93"; #else -static char rcsid[] = "$OpenBSD: tmp.c,v 1.2 1997/06/16 02:21:57 millert Exp $"; +static char rcsid[] = "$OpenBSD: tmp.c,v 1.3 2000/06/30 16:00:23 millert Exp $"; #endif #endif /* not lint */ @@ -75,9 +75,9 @@ ftmp() sigfillset(&set); (void)sigprocmask(SIG_BLOCK, &set, &oset); if ((fd = mkstemp(path)) < 0) - err(2, path); + err(2, "%s", path); if (!(fp = fdopen(fd, "w+"))) - err(2, path); + err(2, "%s", path); (void)unlink(path); (void)sigprocmask(SIG_SETMASK, &oset, NULL); |