Message ID | 20221228110752.34060-1-frank@lichtenheld.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] options.c: fix format security error when compiling without optimization | expand |
Am 28.12.22 um 12:07 schrieb Frank Lichtenheld: > error: format not a string literal and no format arguments [-Werror=format-security] > 2309 | msg(M_USAGE, str); > > Found by accident, since it only happens without optimization. > Seems the compiler can figure out that this is harmless when > thinking a bit harder about it. Fix anyway. > > Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> > --- > src/openvpn/options.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/openvpn/options.c b/src/openvpn/options.c > index e454b2ac..7395019e 100644 > --- a/src/openvpn/options.c > +++ b/src/openvpn/options.c > @@ -2306,7 +2306,7 @@ check_ca_required(const struct options *options) > " or CA path (--capath)" > #endif > " and/or peer fingerprint verification (--peer-fingerprint)"; > - msg(M_USAGE, str); > + msg(M_USAGE, "%s", str); > } > > static void Acked-By: Arne Schwabe <arne@rfc2549.org>
Funny code section... why introduce a variable, when it could have called msg() directly. But anyway. Your patch has been applied to the master and release/2.6 branch. commit 24fc4ce25432a42170477f21133bb0f25a8a860d (master) commit cdcaebcbdf31cb629e54147d476e6fb9921f7999 (release/2.6) Author: Frank Lichtenheld Date: Wed Dec 28 12:07:52 2022 +0100 options.c: fix format security error when compiling without optimization Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20221228110752.34060-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25848.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index e454b2ac..7395019e 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2306,7 +2306,7 @@ check_ca_required(const struct options *options) " or CA path (--capath)" #endif " and/or peer fingerprint verification (--peer-fingerprint)"; - msg(M_USAGE, str); + msg(M_USAGE, "%s", str); } static void
error: format not a string literal and no format arguments [-Werror=format-security] 2309 | msg(M_USAGE, str); Found by accident, since it only happens without optimization. Seems the compiler can figure out that this is harmless when thinking a bit harder about it. Fix anyway. Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> --- src/openvpn/options.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)