Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Update the codecheck1.c utility program to find unsafe format strings for recently added varargs functions. Fix unsafe varargs found by this update. This is a continuation of the fix in check-in [3c2ef25d03fb48d5]. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
2fac7df467ba00d73e2eb4b192ffe0d5 |
| User & Date: | drh 2018-01-16 16:30:23.664 |
Context
|
2018-01-16
| ||
| 16:32 | Fix bug in the db_get_mprintf() function and its siblings introduced by the previous check-in and caused by the parameter reordering. ... (check-in: ad984a25 user: drh tags: trunk) | |
| 16:30 | Update the codecheck1.c utility program to find unsafe format strings for recently added varargs functions. Fix unsafe varargs found by this update. This is a continuation of the fix in check-in [3c2ef25d03fb48d5]. ... (check-in: 2fac7df4 user: drh tags: trunk) | |
| 15:44 | merge previous fork ... (check-in: dddad4f0 user: mgagnon tags: trunk) | |
Changes
Changes to src/codecheck1.c.
| ︙ | ︙ | |||
139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
for(i=2; z[i] && z[i]!='\n'; i++){}
if( z[i] ){
(*pLN)++;
i++;
}
*pType = TK_SPACE;
return i;
}
*pType = TK_OTHER;
return 1;
}
/*
** Return the next non-whitespace token
| > > > > | 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 |
for(i=2; z[i] && z[i]!='\n'; i++){}
if( z[i] ){
(*pLN)++;
i++;
}
*pType = TK_SPACE;
return i;
}
if( z[0]=='\\' && (z[1]=='\n' || (z[1]=='\r' && z[2]=='\n')) ){
*pType = TK_SPACE;
return 1;
}
*pType = TK_OTHER;
return 1;
}
/*
** Return the next non-whitespace token
|
| ︙ | ︙ | |||
199 200 201 202 203 204 205 206 207 208 209 210 211 212 |
/*
** Return true if the input is a string literal.
*/
static int is_string_lit(const char *z){
int nu1, nu2;
z = next_non_whitespace(z, &nu1, &nu2);
return z[0]=='"';
}
/*
** Return true if the input is an expression of string literals:
**
** EXPR ? "..." : "..."
| > | 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 |
/*
** Return true if the input is a string literal.
*/
static int is_string_lit(const char *z){
int nu1, nu2;
z = next_non_whitespace(z, &nu1, &nu2);
if( strcmp(z, "NULL")==0 ) return 1;
return z[0]=='"';
}
/*
** Return true if the input is an expression of string literals:
**
** EXPR ? "..." : "..."
|
| ︙ | ︙ | |||
308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 |
const char *zFName; /* Name of the function */
int iFmtArg; /* Index of format argument. Leftmost is 1. */
unsigned fmtFlags; /* Processing flags */
} aFmtFunc[] = {
{ "admin_log", 1, 0 },
{ "blob_append_sql", 2, FMT_NO_S },
{ "blob_appendf", 2, 0 },
{ "cgi_panic", 1, 0 },
{ "cgi_redirectf", 1, 0 },
{ "chref", 2, 0 },
{ "db_blob", 2, FMT_NO_S },
{ "db_double", 2, FMT_NO_S },
{ "db_err", 1, 0 },
{ "db_exists", 1, FMT_NO_S },
{ "db_int", 2, FMT_NO_S },
{ "db_int64", 2, FMT_NO_S },
{ "db_multi_exec", 1, FMT_NO_S },
{ "db_optional_sql", 2, FMT_NO_S },
{ "db_prepare", 2, FMT_NO_S },
{ "db_prepare_ignore_error", 2, FMT_NO_S },
{ "db_static_prepare", 2, FMT_NO_S },
{ "db_text", 2, FMT_NO_S },
{ "form_begin", 2, 0 },
{ "fossil_error", 2, 0 },
{ "fossil_errorlog", 1, 0 },
{ "fossil_fatal", 1, 0 },
{ "fossil_fatal_recursive", 1, 0 },
{ "fossil_panic", 1, 0 },
{ "fossil_print", 1, 0 },
{ "fossil_trace", 1, 0 },
{ "fossil_warning", 1, 0 },
{ "href", 1, 0 },
{ "json_new_string_f", 1, 0 },
{ "mprintf", 1, 0 },
{ "socket_set_errmsg", 1, 0 },
{ "ssl_set_errmsg", 1, 0 },
{ "style_header", 1, 0 },
{ "style_set_current_page", 1, 0 },
{ "webpage_error", 1, 0 },
{ "xhref", 2, 0 },
};
/*
** Determine if the indentifier zIdent of length nIndent is a Fossil
** internal interface that uses a printf-style argument. Return zero if not.
| > > > > > > > > > > | 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 |
const char *zFName; /* Name of the function */
int iFmtArg; /* Index of format argument. Leftmost is 1. */
unsigned fmtFlags; /* Processing flags */
} aFmtFunc[] = {
{ "admin_log", 1, 0 },
{ "blob_append_sql", 2, FMT_NO_S },
{ "blob_appendf", 2, 0 },
{ "cgi_debug", 1, 0 },
{ "cgi_panic", 1, 0 },
{ "cgi_printf", 1, 0 },
{ "cgi_redirectf", 1, 0 },
{ "chref", 2, 0 },
{ "db_blob", 2, FMT_NO_S },
{ "db_debug", 1, FMT_NO_S },
{ "db_double", 2, FMT_NO_S },
{ "db_err", 1, 0 },
{ "db_exists", 1, FMT_NO_S },
{ "db_get_mprintf", 2, 0 },
{ "db_int", 2, FMT_NO_S },
{ "db_int64", 2, FMT_NO_S },
{ "db_multi_exec", 1, FMT_NO_S },
{ "db_optional_sql", 2, FMT_NO_S },
{ "db_prepare", 2, FMT_NO_S },
{ "db_prepare_ignore_error", 2, FMT_NO_S },
{ "db_set_mprintf", 3, 0 },
{ "db_static_prepare", 2, FMT_NO_S },
{ "db_text", 2, FMT_NO_S },
{ "db_unset_mprintf", 2, 0 },
{ "form_begin", 2, 0 },
{ "fossil_error", 2, 0 },
{ "fossil_errorlog", 1, 0 },
{ "fossil_fatal", 1, 0 },
{ "fossil_fatal_recursive", 1, 0 },
{ "fossil_panic", 1, 0 },
{ "fossil_print", 1, 0 },
{ "fossil_trace", 1, 0 },
{ "fossil_warning", 1, 0 },
{ "href", 1, 0 },
{ "json_new_string_f", 1, 0 },
{ "json_set_err", 2, 0 },
{ "json_warn", 2, 0 },
{ "mprintf", 1, 0 },
{ "socket_set_errmsg", 1, 0 },
{ "ssl_set_errmsg", 1, 0 },
{ "style_header", 1, 0 },
{ "style_set_current_page", 1, 0 },
{ "style_submenu_element", 2, 0 },
{ "style_submenu_sql", 3, 0 },
{ "webpage_error", 1, 0 },
{ "xhref", 2, 0 },
};
/*
** Determine if the indentifier zIdent of length nIndent is a Fossil
** internal interface that uses a printf-style argument. Return zero if not.
|
| ︙ | ︙ | |||
465 466 467 468 469 470 471 |
zFilename, lnFCall, szFName, zFCall);
nErr++;
}else{
const char *zFmt = azArg[fmtArg-1];
const char *zOverride = strstr(zFmt, "/*works-like:");
if( zOverride ) zFmt = zOverride + sizeof("/*works-like:")-1;
if( !is_string_lit(zFmt) ){
| | | | 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 |
zFilename, lnFCall, szFName, zFCall);
nErr++;
}else{
const char *zFmt = azArg[fmtArg-1];
const char *zOverride = strstr(zFmt, "/*works-like:");
if( zOverride ) zFmt = zOverride + sizeof("/*works-like:")-1;
if( !is_string_lit(zFmt) ){
printf("%s:%d: %.*s() has non-constant format on arg[%d]\n",
zFilename, lnFCall, szFName, zFCall, fmtArg-1);
nErr++;
}else if( (k = formatArgCount(zFmt, nArg, acType))>=0
&& nArg!=fmtArg+k ){
printf("%s:%d: too %s arguments to %.*s() "
"- got %d and expected %d\n",
zFilename, lnFCall, (nArg<fmtArg+k ? "few" : "many"),
szFName, zFCall, nArg, fmtArg+k);
|
| ︙ | ︙ |
Changes to src/db.c.
| ︙ | ︙ | |||
2480 2481 2482 2483 2484 2485 2486 |
}
void db_lset_int(const char *zName, int value){
db_multi_exec("REPLACE INTO vvar(name,value) VALUES(%Q,%d)", zName, value);
}
/* Va-args versions of db_get(), db_set(), and db_unset()
*/
| | | | | 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 2509 2510 2511 2512 2513 2514 |
}
void db_lset_int(const char *zName, int value){
db_multi_exec("REPLACE INTO vvar(name,value) VALUES(%Q,%d)", zName, value);
}
/* Va-args versions of db_get(), db_set(), and db_unset()
*/
char *db_get_mprintf(const char *zDefault, const char *zFormat, ...){
va_list ap;
char *zName;
char *zResult;
va_start(ap, zDefault);
zName = vmprintf(zFormat, ap);
va_end(ap);
zResult = db_get(zName, zDefault);
fossil_free(zName);
return zResult;
}
void db_set_mprintf(const char *zNew, int iGlobal, const char *zFormat, ...){
va_list ap;
char *zName;
va_start(ap, iGlobal);
zName = vmprintf(zFormat, ap);
va_end(ap);
db_set(zName, zNew, iGlobal);
fossil_free(zName);
}
void db_unset_mprintf(int iGlobal, const char *zFormat, ...){
va_list ap;
char *zName;
va_start(ap, iGlobal);
zName = vmprintf(zFormat, ap);
va_end(ap);
db_unset(zName, iGlobal);
fossil_free(zName);
|
| ︙ | ︙ |
Changes to src/json.c.
| ︙ | ︙ | |||
1606 1607 1608 1609 1610 1611 1612 |
}
assert( 0 && "Alloc error.");
return NULL;
}
}
cson_value_free(colNamesV);
if(warnMsg){
| | | 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 |
}
assert( 0 && "Alloc error.");
return NULL;
}
}
cson_value_free(colNamesV);
if(warnMsg){
json_warn( FSL_JSON_W_ROW_TO_JSON_FAILED, "%s", warnMsg );
}
return cson_array_value(a);
}
/*
** Works just like json_stmt_to_array_of_obj(), but each row in the
** result set is represented as an Array of values instead of an
|
| ︙ | ︙ |
Changes to src/json_branch.c.
| ︙ | ︙ | |||
138 139 140 141 142 143 144 |
cson_array_append(list,v);
}else if(!sawConversionError){
sawConversionError = mprintf("Column-to-json failed @ %s:%d",
__FILE__,__LINE__);
}
}
if( sawConversionError ){
| | | 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
cson_array_append(list,v);
}else if(!sawConversionError){
sawConversionError = mprintf("Column-to-json failed @ %s:%d",
__FILE__,__LINE__);
}
}
if( sawConversionError ){
json_warn(FSL_JSON_W_COL_TO_JSON_FAILED,"%s",sawConversionError);
free(sawConversionError);
}
return payV;
}
/*
** Parameters for the create-branch operation.
|
| ︙ | ︙ | |||
357 358 359 360 361 362 363 |
}else{
opt.isPrivate = 0;
}
}
rc = json_branch_new( &opt, &rid );
if(rc){
| | | 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 |
}else{
opt.isPrivate = 0;
}
}
rc = json_branch_new( &opt, &rid );
if(rc){
json_set_err(rc, "%s", opt.rcErrMsg);
goto error;
}
assert(0 != rid);
payV = cson_value_new_object();
pay = cson_value_get_object(payV);
cson_object_set(pay,"name",json_new_string(opt.zName));
|
| ︙ | ︙ |
Changes to src/printf.c.
| ︙ | ︙ | |||
1146 1147 1148 1149 1150 1151 1152 |
va_list ap;
va_start(ap, zFormat);
z = vmprintf(zFormat, ap);
va_end(ap);
fossil_errorlog("warning: %s", z);
#ifdef FOSSIL_ENABLE_JSON
if(g.json.isJsonMode){
| | | 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 |
va_list ap;
va_start(ap, zFormat);
z = vmprintf(zFormat, ap);
va_end(ap);
fossil_errorlog("warning: %s", z);
#ifdef FOSSIL_ENABLE_JSON
if(g.json.isJsonMode){
json_warn( FSL_JSON_W_UNKNOWN, "%s", z );
}else
#endif
{
if( g.cgiOutput ){
cgi_printf("<p class=\"generalError\">\n%h\n</p>\n", z);
}else{
fossil_force_newline();
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
598 599 600 601 602 603 604 |
"<span class=\"ueditInheritNobody\"><sub>[N]</sub></span>";
}
free(z2);
}
/* Begin generating the page
*/
| | | 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 |
"<span class=\"ueditInheritNobody\"><sub>[N]</sub></span>";
}
free(z2);
}
/* Begin generating the page
*/
style_submenu_element("Cancel", "%s", cgi_referer("setup_ulist"));
if( uid ){
style_header("Edit User %h", zLogin);
style_submenu_element("Access Log", "%R/access_log?u=%t", zLogin);
}else{
style_header("Add A New User");
}
@ <div class="ueditCapBox">
|
| ︙ | ︙ |
Changes to src/skins.c.
| ︙ | ︙ | |||
665 666 667 668 669 670 671 |
** Return the text of one of the skin files.
*/
static const char *skin_file_content(const char *zLabel, const char *zFile){
const char *zResult;
if( fossil_strcmp(zLabel, "current")==0 ){
zResult = db_get(zFile, "");
}else if( sqlite3_strglob("draft[1-9]", zLabel)==0 ){
| | | 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 |
** Return the text of one of the skin files.
*/
static const char *skin_file_content(const char *zLabel, const char *zFile){
const char *zResult;
if( fossil_strcmp(zLabel, "current")==0 ){
zResult = db_get(zFile, "");
}else if( sqlite3_strglob("draft[1-9]", zLabel)==0 ){
zResult = db_get_mprintf("", "%s-%s", zLabel, zFile);
}else{
while( 1 ){
char *zKey = mprintf("skins/%s/%s.txt", zLabel, zFile);
zResult = builtin_text(zKey);
fossil_free(zKey);
if( zResult!=0 || fossil_strcmp(zLabel,"default")==0 ) break;
}
|
| ︙ | ︙ | |||
716 717 718 719 720 721 722 |
/* Figure out which skin we are editing */
iSkin = atoi(PD("sk","1"));
if( iSkin<1 || iSkin>9 ) iSkin = 1;
/* Check that the user is authorized to edit this skin. */
if( !g.perm.Setup ){
| | | 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 |
/* Figure out which skin we are editing */
iSkin = atoi(PD("sk","1"));
if( iSkin<1 || iSkin>9 ) iSkin = 1;
/* Check that the user is authorized to edit this skin. */
if( !g.perm.Setup ){
char *zAllowedEditors = db_get_mprintf("", "draft%d-users", iSkin);
Glob *pAllowedEditors;
if( zAllowedEditors[0] ){
pAllowedEditors = glob_create(zAllowedEditors);
if( !glob_match(pAllowedEditors, zAllowedEditors) ){
login_needed(0);
return;
}
|
| ︙ | ︙ | |||
799 800 801 802 803 804 805 |
** skin named by zTemplate.
*/
static void skin_initialize_draft(int iSkin, const char *zTemplate){
int i;
if( zTemplate==0 ) return;
for(i=0; i<count(azSkinFile); i++){
const char *z = skin_file_content(zTemplate, azSkinFile[i]);
| | | 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 |
** skin named by zTemplate.
*/
static void skin_initialize_draft(int iSkin, const char *zTemplate){
int i;
if( zTemplate==0 ) return;
for(i=0; i<count(azSkinFile); i++){
const char *z = skin_file_content(zTemplate, azSkinFile[i]);
db_set_mprintf(z, 0, "draft%d-%s", iSkin, azSkinFile[i]);
}
}
/*
** Publish the draft skin iSkin as the new default.
*/
static void skin_publish(int iSkin){
|
| ︙ | ︙ | |||
836 837 838 839 840 841 842 |
" strftime('skin:Backup On %%Y-%%m-%%d %%H:%%M:%%S'),"
" %Q,now())", zCurrent
);
}
/* Publish draft iSkin */
for(i=0; i<count(azSkinFile); i++){
| | | 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 |
" strftime('skin:Backup On %%Y-%%m-%%d %%H:%%M:%%S'),"
" %Q,now())", zCurrent
);
}
/* Publish draft iSkin */
for(i=0; i<count(azSkinFile); i++){
char *zNew = db_get_mprintf("", "draft%d-%s", iSkin, azSkinFile[i]);
db_set(azSkinFile[i], zNew, 0);
}
}
/*
** WEBPAGE: setup_skin
**
|
| ︙ | ︙ | |||
870 871 872 873 874 875 876 |
iSkin = atoi(PD("sk","1"));
if( iSkin<1 || iSkin>9 ) iSkin = 1;
/* Figure out if the current user is allowed to make administrative
** changes and/or edits
*/
login_check_credentials();
| | | | | 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 |
iSkin = atoi(PD("sk","1"));
if( iSkin<1 || iSkin>9 ) iSkin = 1;
/* Figure out if the current user is allowed to make administrative
** changes and/or edits
*/
login_check_credentials();
zAllowedEditors = db_get_mprintf("", "draft%d-users", iSkin);
if( g.perm.Setup ){
isSetup = isEditor = 1;
}else{
Glob *pAllowedEditors;
isSetup = isEditor = 0;
if( zAllowedEditors[0] ){
pAllowedEditors = glob_create(zAllowedEditors);
isEditor = glob_match(pAllowedEditors, zAllowedEditors);
glob_free(pAllowedEditors);
}
}
/* Initialize the skin, if requested and authorized. */
if( P("init3")!=0 && isEditor ){
skin_initialize_draft(iSkin, P("initskin"));
}
if( P("submit2")!=0 && isSetup ){
db_set_mprintf(PD("editors",""), 0, "draft%d-users", iSkin);
zAllowedEditors = db_get_mprintf("", "draft%d-users", iSkin);
}
/* Publish the draft skin */
if( P("pub7")!=0 && PB("pub7ck1") && PB("pub7ck2") ){
skin_publish(iSkin);
}
|
| ︙ | ︙ | |||
957 958 959 960 961 962 963 |
@ further information.</p>
}
@
@ <a name='step3'></a>
@ <h1>Step 3: Initialize The Draft</h1>
@
if( !isEditor ){
| | | 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 |
@ further information.</p>
}
@
@ <a name='step3'></a>
@ <h1>Step 3: Initialize The Draft</h1>
@
if( !isEditor ){
@ <p>You are not allowed to initialize draft%d(iSkin). Contact
@ the administrator for this repository for more information.
}else{
@ <p>Initialize the draft%d(iSkin) skin to one of the built-in skins
@ or a preexisting skin, to use as a baseline.</p>
@
@ <form method='POST' action='%R/setup_skin#step4' id='f03'>
@ <p class='skinInput'>
|
| ︙ | ︙ |