BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
gcc complains rightfully:
src/ssl_sock.c: In function ‘ssl_sock_prepare_all_ctx’:
src/ssl_sock.c:5507:3: warning: format not a string literal and no format arguments [-Wformat-security]
ha_warning(errmsg);
^
src/ssl_sock.c:5509:3: warning: format not a string literal and no format arguments [-Wformat-security]
ha_alert(errmsg);
^
src/ssl_sock.c: In function ‘cli_io_handler_commit_cert’:
src/ssl_sock.c:10208:3: warning: format not a string literal and no format arguments [-Wformat-security]
chunk_appendf(trash, err);
Introduced in 8b453912ce9a4e1a3b1329efb2af04d1e470852e.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 91725a9..cd04c34 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5504,9 +5504,9 @@
}
if (errcode & ERR_WARN) {
- ha_warning(errmsg);
+ ha_warning("%s", errmsg);
} else if (errcode & ERR_CODE) {
- ha_alert(errmsg);
+ ha_alert("%s", errmsg);
err++;
}
@@ -10205,7 +10205,7 @@
chunk_appendf(trash, "\n");
if (errcode & ERR_WARN)
- chunk_appendf(trash, err);
+ chunk_appendf(trash, "%s", err);
chunk_appendf(trash, "Success!\n");
if (ci_putchk(si_ic(si), trash) == -1)
si_rx_room_blk(si);