diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2019-06-16 22:24:36 +0200 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-06-16 22:41:26 +0200 |
commit | 91fcac34ac014a565fdd6312de088d312b5ba7ec (patch) | |
tree | 3b7b812cdb229877f8c1bf11330abf620e7e39d0 | |
parent | cdfc902a4cb77bc538a729f9e1c8a8578454a0e5 (diff) |
uhttpd: Fix multiple format string problems
After format string checks were activated in libubox the compiler
started to complain about multiple missuses in uhttpd. This fixes the
format strings without changing the behavior.
blobmsg_get_string() just checks if the parameter is not NULL and then
calls blobmsg_data() and casts the result.
I think non of these problem is security relevant.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
-rw-r--r-- | proc.c | 3 | ||||
-rw-r--r-- | ubus.c | 4 | ||||
-rw-r--r-- | utils.c | 4 |
3 files changed, 6 insertions, 5 deletions
@@ -232,7 +232,8 @@ static void proc_handle_header_end(struct relay *r) uloop_timeout_cancel(&p->timeout); uh_http_header(cl, cl->dispatch.proc.status_code, cl->dispatch.proc.status_msg); blob_for_each_attr(cur, cl->dispatch.proc.hdr.head, rem) - ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur), blobmsg_data(cur)); + ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur), + blobmsg_get_string(cur)); ustream_printf(cl->us, "\r\n"); @@ -144,11 +144,11 @@ static void uh_ubus_add_cors_headers(struct client *cl) } ustream_printf(cl->us, "Access-Control-Allow-Origin: %s\r\n", - blobmsg_data(tb[HDR_ORIGIN])); + blobmsg_get_string(tb[HDR_ORIGIN])); if (tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]) ustream_printf(cl->us, "Access-Control-Allow-Headers: %s\r\n", - blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])); + blobmsg_get_string(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])); ustream_printf(cl->us, "Access-Control-Allow-Methods: POST, OPTIONS\r\n"); ustream_printf(cl->us, "Access-Control-Allow-Credentials: true\r\n"); @@ -47,7 +47,7 @@ void uh_chunk_write(struct client *cl, const void *data, int len) ustream_printf(cl->us, "%X\r\n", len); ustream_write(cl->us, data, len, true); if (chunked) - ustream_printf(cl->us, "\r\n", len); + ustream_printf(cl->us, "\r\n"); } void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg) @@ -74,7 +74,7 @@ void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg) ustream_write(cl->us, buf, len, true); else ustream_vprintf(cl->us, format, arg); - ustream_printf(cl->us, "\r\n", len); + ustream_printf(cl->us, "\r\n"); } void uh_chunk_printf(struct client *cl, const char *format, ...) |