diff mbox series

[Openvpn-devel] options.c: fix format security error when compiling without optimization

Message ID 20221228110752.34060-1-frank@lichtenheld.com
State Accepted
Headers show
Series [Openvpn-devel] options.c: fix format security error when compiling without optimization | expand

Commit Message

Frank Lichtenheld Dec. 28, 2022, 11:07 a.m. UTC 
error: format not a string literal and no format arguments [-Werror=format-security]
 2309 |     msg(M_USAGE, str);

Found by accident, since it only happens without optimization.
Seems the compiler can figure out that this is harmless when
thinking a bit harder about it. Fix anyway.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
---
 src/openvpn/options.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Arne Schwabe Dec. 28, 2022, 11:50 a.m. UTC | #1 
Am 28.12.22 um 12:07 schrieb Frank Lichtenheld:
> error: format not a string literal and no format arguments [-Werror=format-security]
>   2309 |     msg(M_USAGE, str);
> 
> Found by accident, since it only happens without optimization.
> Seems the compiler can figure out that this is harmless when
> thinking a bit harder about it. Fix anyway.
> 
> Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
> ---
>   src/openvpn/options.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/openvpn/options.c b/src/openvpn/options.c
> index e454b2ac..7395019e 100644
> --- a/src/openvpn/options.c
> +++ b/src/openvpn/options.c
> @@ -2306,7 +2306,7 @@ check_ca_required(const struct options *options)
>                               " or CA path (--capath)"
>   #endif
>                               " and/or peer fingerprint verification (--peer-fingerprint)";
> -    msg(M_USAGE, str);
> +    msg(M_USAGE, "%s", str);
>   }
>   
>   static void

Acked-By: Arne Schwabe <arne@rfc2549.org>
Gert Doering Dec. 28, 2022, 9:44 p.m. UTC | #2 
Funny code section... why introduce a variable, when it could have called
msg() directly.  But anyway.

Your patch has been applied to the master and release/2.6 branch.

commit 24fc4ce25432a42170477f21133bb0f25a8a860d (master)
commit cdcaebcbdf31cb629e54147d476e6fb9921f7999 (release/2.6)
Author: Frank Lichtenheld
Date:   Wed Dec 28 12:07:52 2022 +0100

     options.c: fix format security error when compiling without optimization

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Arne Schwabe <arne@rfc2549.org>
     Message-Id: <20221228110752.34060-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25848.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index e454b2ac..7395019e 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2306,7 +2306,7 @@  check_ca_required(const struct options *options)
                             " or CA path (--capath)"
 #endif
                             " and/or peer fingerprint verification (--peer-fingerprint)";
-    msg(M_USAGE, str);
+    msg(M_USAGE, "%s", str);
 }
 
 static void