diff options
-rw-r--r-- | doc/doc-txt/ChangeLog | 5 | ||||
-rw-r--r-- | src/src/config.h.defaults | 3 | ||||
-rw-r--r-- | src/src/deliver.c | 2 | ||||
-rw-r--r-- | src/src/expand.c | 4 | ||||
-rw-r--r-- | src/src/functions.h | 2 | ||||
-rw-r--r-- | src/src/local_scan.h | 2 | ||||
-rw-r--r-- | src/src/malware.c | 4 | ||||
-rw-r--r-- | src/src/mytypes.h | 6 | ||||
-rw-r--r-- | src/src/spool_mbox.c | 4 | ||||
-rw-r--r-- | src/src/string.c | 2 |
10 files changed, 24 insertions, 10 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 620d87114..21f1ec747 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -129,6 +129,11 @@ PP/29 Fix three issues highlighted by clang analyser static analysis. PP/30 Another attempt to deal with PCRE_PRERELEASE, this one less buggy. +PP/31 %D in printf continues to cause issues (-Wformat=security), so for + now guard some of the printf checks behind WANT_DEEPER_PRINTF_CHECKS. + As part of this, removing so much warning spew let me fix some minor + real issues in debug logging. + Exim version 4.77 ----------------- diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults index 1e75a1e21..92a4cd348 100644 --- a/src/src/config.h.defaults +++ b/src/src/config.h.defaults @@ -167,6 +167,9 @@ it's a default value. */ #define EXPERIMENTAL_SPF #define EXPERIMENTAL_SRS +/* For developers */ +#define WANT_DEEPER_PRINTF_CHECKS + /* Things that are not routinely changed but are nevertheless configurable just in case. */ diff --git a/src/src/deliver.c b/src/src/deliver.c index 10b63397e..d4ea2d868 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -1213,7 +1213,7 @@ if (format != NULL) va_start(ap, format); if (!string_vformat(buffer, sizeof(buffer), CS format, ap)) log_write(0, LOG_MAIN|LOG_PANIC_DIE, - "common_error expansion was longer than %d", sizeof(buffer)); + "common_error expansion was longer than " SIZE_T_FMT, sizeof(buffer)); va_end(ap); addr->message = string_copy(buffer); } diff --git a/src/src/expand.c b/src/src/expand.c index 70fb32c5e..84167b688 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1527,8 +1527,8 @@ while (last > first) domain = Ustrrchr(s, '@'); if (domain == NULL) return s; if (domain - s > sizeof(var_buffer) - 1) - log_write(0, LOG_MAIN|LOG_PANIC_DIE, "local part longer than %d in " - "string expansion", sizeof(var_buffer)); + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "local part longer than " SIZE_T_FMT + " in string expansion", sizeof(var_buffer)); Ustrncpy(var_buffer, s, domain - s); var_buffer[domain - s] = 0; return var_buffer; diff --git a/src/src/functions.h b/src/src/functions.h index 78f095adc..cf8c54fe9 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -325,7 +325,7 @@ extern uschar *string_copy_malloc(uschar *); extern uschar *string_copylc(uschar *); extern uschar *string_copynlc(uschar *, int); extern uschar *string_dequote(uschar **); -extern BOOL string_format(uschar *, int, const char *, ...) PRINTF_FUNCTION(3,4); +extern BOOL string_format(uschar *, int, const char *, ...) ALMOST_PRINTF(3,4); extern uschar *string_format_size(int, uschar *); extern int string_interpret_escape(uschar **); extern int string_is_ip_address(uschar *, int *); diff --git a/src/src/local_scan.h b/src/src/local_scan.h index 19350bf41..057e4d428 100644 --- a/src/src/local_scan.h +++ b/src/src/local_scan.h @@ -188,6 +188,6 @@ extern void smtp_printf(const char *, ...) PRINTF_FUNCTION(1,2); extern void smtp_vprintf(const char *, va_list); extern uschar *string_copy(const uschar *); extern uschar *string_copyn(uschar *, int); -extern uschar *string_sprintf(const char *, ...) PRINTF_FUNCTION(1,2); +extern uschar *string_sprintf(const char *, ...) ALMOST_PRINTF(1,2); /* End of local_scan.h */ diff --git a/src/src/malware.c b/src/src/malware.c index 890665483..7de913f49 100644 --- a/src/src/malware.c +++ b/src/src/malware.c @@ -1074,7 +1074,7 @@ static int malware_internal(uschar **listptr, uschar *eml_filename, BOOL faking) cmdline_trigger_re = pcre_compile(CS cmdline_trigger, PCRE_COPT, (const char **)&rerror, &roffset, NULL); if (cmdline_trigger_re == NULL) { log_write(0, LOG_MAIN|LOG_PANIC, - "malware acl condition: regular expression error in '%s': %s at offset %d", cmdline_trigger_re, rerror, roffset); + "malware acl condition: regular expression error in '%s': %s at offset %d", cmdline_trigger, rerror, roffset); return DEFER; }; @@ -1092,7 +1092,7 @@ static int malware_internal(uschar **listptr, uschar *eml_filename, BOOL faking) cmdline_regex_re = pcre_compile(CS cmdline_regex, PCRE_COPT, (const char **)&rerror, &roffset, NULL); if (cmdline_regex_re == NULL) { log_write(0, LOG_MAIN|LOG_PANIC, - "malware acl condition: regular expression error in '%s': %s at offset %d", cmdline_regex_re, rerror, roffset); + "malware acl condition: regular expression error in '%s': %s at offset %d", cmdline_regex, rerror, roffset); return DEFER; }; diff --git a/src/src/mytypes.h b/src/src/mytypes.h index f8a738da6..964abf820 100644 --- a/src/src/mytypes.h +++ b/src/src/mytypes.h @@ -37,6 +37,12 @@ the arguments of printf-like functions. This is done by a macro. */ #define ARG_UNUSED /**/ #endif +#ifdef WANT_DEEPER_PRINTF_CHECKS +#define ALMOST_PRINTF(A, B) PRINTF_FUNCTION(A, B) +#else +#define ALMOST_PRINTF(A, B) +#endif + /* Some operating systems (naughtily, imo) include a definition for "uchar" in the standard header files, so we use "uschar". Solaris has u_char in diff --git a/src/src/spool_mbox.c b/src/src/spool_mbox.c index 635fb8df1..bdeb2b1a6 100644 --- a/src/src/spool_mbox.c +++ b/src/src/spool_mbox.c @@ -56,7 +56,7 @@ FILE *spool_mbox(unsigned long *mbox_file_size, uschar *source_file_override) { mbox_file = modefopen(mbox_path, "wb", SPOOL_MODE); if (mbox_file == NULL) { log_write(0, LOG_MAIN|LOG_PANIC, "%s", string_open_failed(errno, - "scan file %s", mbox_file)); + "scan file %s", mbox_path)); goto OUT; }; @@ -155,7 +155,7 @@ FILE *spool_mbox(unsigned long *mbox_file_size, uschar *source_file_override) { if (Ustat(mbox_path, &statbuf) != 0 || (yield = Ufopen(mbox_path,"rb")) == NULL) { log_write(0, LOG_MAIN|LOG_PANIC, "%s", string_open_failed(errno, - "scan file %s", mbox_file)); + "scan file %s", mbox_path)); goto OUT; }; diff --git a/src/src/string.c b/src/src/string.c index 9764d3e38..08e604594 100644 --- a/src/src/string.c +++ b/src/src/string.c @@ -716,7 +716,7 @@ uschar buffer[STRING_SPRINTF_BUFFER_SIZE]; va_start(ap, format); if (!string_vformat(buffer, sizeof(buffer), format, ap)) log_write(0, LOG_MAIN|LOG_PANIC_DIE, - "string_sprintf expansion was longer than %d", sizeof(buffer)); + "string_sprintf expansion was longer than " SIZE_T_FMT, sizeof(buffer)); va_end(ap); return string_copy(buffer); } |