summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2019-06-16 22:24:36 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2019-06-16 22:41:26 +0200
commit91fcac34ac014a565fdd6312de088d312b5ba7ec (patch)
tree3b7b812cdb229877f8c1bf11330abf620e7e39d0
parentcdfc902a4cb77bc538a729f9e1c8a8578454a0e5 (diff)
uhttpd: Fix multiple format string problems
After format string checks were activated in libubox the compiler started to complain about multiple missuses in uhttpd. This fixes the format strings without changing the behavior. blobmsg_get_string() just checks if the parameter is not NULL and then calls blobmsg_data() and casts the result. I think non of these problem is security relevant. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
-rw-r--r--proc.c3
-rw-r--r--ubus.c4
-rw-r--r--utils.c4
3 files changed, 6 insertions, 5 deletions
diff --git a/proc.c b/proc.c
index 88ec31e..1d63d86 100644
--- a/proc.c
+++ b/proc.c
@@ -232,7 +232,8 @@ static void proc_handle_header_end(struct relay *r)
uloop_timeout_cancel(&p->timeout);
uh_http_header(cl, cl->dispatch.proc.status_code, cl->dispatch.proc.status_msg);
blob_for_each_attr(cur, cl->dispatch.proc.hdr.head, rem)
- ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur), blobmsg_data(cur));
+ ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur),
+ blobmsg_get_string(cur));
ustream_printf(cl->us, "\r\n");
diff --git a/ubus.c b/ubus.c
index f7d1f11..8cfbd97 100644
--- a/ubus.c
+++ b/ubus.c
@@ -144,11 +144,11 @@ static void uh_ubus_add_cors_headers(struct client *cl)
}
ustream_printf(cl->us, "Access-Control-Allow-Origin: %s\r\n",
- blobmsg_data(tb[HDR_ORIGIN]));
+ blobmsg_get_string(tb[HDR_ORIGIN]));
if (tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])
ustream_printf(cl->us, "Access-Control-Allow-Headers: %s\r\n",
- blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
+ blobmsg_get_string(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
ustream_printf(cl->us, "Access-Control-Allow-Methods: POST, OPTIONS\r\n");
ustream_printf(cl->us, "Access-Control-Allow-Credentials: true\r\n");
diff --git a/utils.c b/utils.c
index d990d7d..142a410 100644
--- a/utils.c
+++ b/utils.c
@@ -47,7 +47,7 @@ void uh_chunk_write(struct client *cl, const void *data, int len)
ustream_printf(cl->us, "%X\r\n", len);
ustream_write(cl->us, data, len, true);
if (chunked)
- ustream_printf(cl->us, "\r\n", len);
+ ustream_printf(cl->us, "\r\n");
}
void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
@@ -74,7 +74,7 @@ void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
ustream_write(cl->us, buf, len, true);
else
ustream_vprintf(cl->us, format, arg);
- ustream_printf(cl->us, "\r\n", len);
+ ustream_printf(cl->us, "\r\n");
}
void uh_chunk_printf(struct client *cl, const char *format, ...)