1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
From a5c8e2676b94d2ea41b44b4e05943bee6459f337 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 30 Oct 2021 09:46:35 -0700
Subject: [PATCH] libsinsp: Fix a lot of -Werror=format-security errors with
mvprintw/mvwprintw
In all these places a non-constant is used as a format string which
compiler complains about. Fix by using "%s" as format.
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
userspace/libsinsp/cursescomponents.cpp | 4 ++--
userspace/libsinsp/cursesspectro.cpp | 2 +-
userspace/libsinsp/cursestable.cpp | 6 +++---
userspace/libsinsp/cursesui.cpp | 14 +++++++-------
4 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/userspace/libsinsp/cursescomponents.cpp b/userspace/libsinsp/cursescomponents.cpp
index 4003cb4e..372b4526 100644
--- a/userspace/libsinsp/cursescomponents.cpp
+++ b/userspace/libsinsp/cursescomponents.cpp
@@ -877,7 +877,7 @@ void curses_textbox::print_no_data()
string wstr = "No Data For This Selection";
mvprintw(m_parent->m_screenh / 2,
m_parent->m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
refresh();
}
@@ -1100,7 +1100,7 @@ void curses_textbox::render()
attrset(m_parent->m_colors[sinsp_cursesui::LARGE_NUMBER]);
mvprintw(0,
m_parent->m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
}
//
diff --git a/userspace/libsinsp/cursesspectro.cpp b/userspace/libsinsp/cursesspectro.cpp
index 6858bc95..32012963 100644
--- a/userspace/libsinsp/cursesspectro.cpp
+++ b/userspace/libsinsp/cursesspectro.cpp
@@ -227,7 +227,7 @@ void curses_spectro::print_error(string wstr)
mvwprintw(m_tblwin,
m_parent->m_screenh / 2,
m_parent->m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
}
void curses_spectro::update_data(vector<sinsp_sample_row>* data, bool force_selection_change)
diff --git a/userspace/libsinsp/cursestable.cpp b/userspace/libsinsp/cursestable.cpp
index 69c2aa32..54667554 100644
--- a/userspace/libsinsp/cursestable.cpp
+++ b/userspace/libsinsp/cursestable.cpp
@@ -254,7 +254,7 @@ void curses_table::print_line_centered(string line, int32_t off)
mvwprintw(m_tblwin,
m_parent->m_screenh / 2 + off,
m_parent->m_screenw / 2 - line.size() / 2,
- line.c_str());
+ "%s", line.c_str());
}
else
{
@@ -268,7 +268,7 @@ glogf("2, %d %s\n", spos, ss.c_str());
mvwprintw(m_tblwin,
m_parent->m_screenh / 2 + off + j,
0,
- ss.c_str());
+ "%s", ss.c_str());
spos += m_parent->m_screenw;
if(spos >= line.size())
@@ -328,7 +328,7 @@ void curses_table::print_error(string wstr)
mvwprintw(m_tblwin,
m_parent->m_screenh / 2,
m_parent->m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
}
void curses_table::render(bool data_changed)
diff --git a/userspace/libsinsp/cursesui.cpp b/userspace/libsinsp/cursesui.cpp
index 1eeb0864..69652edc 100644
--- a/userspace/libsinsp/cursesui.cpp
+++ b/userspace/libsinsp/cursesui.cpp
@@ -825,7 +825,7 @@ void sinsp_cursesui::render_header()
attrset(m_colors[sinsp_cursesui::LARGE_NUMBER]);
mvprintw(0,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
}
//
@@ -1123,7 +1123,7 @@ void sinsp_cursesui::render_filtersearch_main_menu()
m_cursor_pos = cursor_pos;
- mvprintw(m_screenh - 1, m_cursor_pos, str->c_str());
+ mvprintw(m_screenh - 1, m_cursor_pos, "%s", str->c_str());
m_cursor_pos += str->size();
}
@@ -2189,7 +2189,7 @@ void sinsp_cursesui::print_progress(double progress)
string wstr = "Processing File";
mvprintw(m_screenh / 2,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
//
// Using sprintf because to_string doesn't support setting the precision
@@ -2199,7 +2199,7 @@ void sinsp_cursesui::print_progress(double progress)
wstr = "Progress: " + string(numbuf);
mvprintw(m_screenh / 2 + 1,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
refresh();
}
@@ -2308,7 +2308,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch)
attrset(m_colors[sinsp_cursesui::FAILED_SEARCH]);
mvprintw(m_screenh / 2,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
//
// Restore the cursor
@@ -2363,7 +2363,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch)
mvprintw(m_screenh / 2,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
render();
}
@@ -2436,7 +2436,7 @@ sysdig_table_action sinsp_cursesui::handle_textbox_input(int ch)
mvprintw(m_screenh / 2,
m_screenw / 2 - wstr.size() / 2,
- wstr.c_str());
+ "%s", wstr.c_str());
render();
}
--
2.33.1
|
