nilFM hack lab — openbox: bd2db36b6cbbc04614e0444fbf652f0a24f8f3ac

Another problem pointed out by clang

Using format specifiers without arguments in printf is still bad.

openbox/debug.c:105:18: warning: format string is not a string literal (potentially insecure)
    fprintf(out, log_domain);
                 ^~~~~~~~~~
openbox/debug.c:107:18: warning: format string is not a string literal (potentially insecure)
    fprintf(out, level);
                 ^~~~~
openbox/debug.c:109:18: warning: format string is not a string literal (potentially insecure)
    fprintf(out, message);
                 ^~~~~~~

Mikael Magnusson mikachu@gmail.com Mon, 10 Nov 2008 23:25:23 +0100

commit

bd2db36b6cbbc04614e0444fbf652f0a24f8f3ac

parent

a1746ab2158da2324aefb7ce81e7b5edc9c41e79

1 files changed, 3 insertions(+), 3 deletions(-)

jump to

openbox/debug.c

M openbox/debug.c → openbox/debug.c

@@ -102,11 +102,11 @@ 
 static inline void log_print(FILE *out, const gchar* log_domain,
                              const gchar *level, const gchar *message)
 {
-    fprintf(out, log_domain);
+    fprintf(out, "%s", log_domain);
     fprintf(out, "-");
-    fprintf(out, level);
+    fprintf(out, "%s", level);
     fprintf(out, ": ");
-    fprintf(out, message);
+    fprintf(out, "%s", message);
     fprintf(out, "\n");
     fflush(out);
 }

all repos — openbox @ bd2db36b6cbbc04614e0444fbf652f0a24f8f3ac

openbox fork - make it a bit more like ryudo