Make sure we're paranoid about accidentally feeding a format string.

author Pierre Ossman <ossman@cendio.se>

Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)

committer Pierre Ossman <ossman@cendio.se>

Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)
author Pierre Ossman <ossman@cendio.se>
Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)
committer Pierre Ossman <ossman@cendio.se>
Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)
diff --git a/vncviewer/CConn.cxx b/vncviewer/CConn.cxx

index fbd9a8ed07af31556ef98cfa340fd0e9bf79687b..12ebbe49c7b644747e1a960931b914ecda0af045 100644 (file)
--- a/vncviewer/CConn.cxx
+++ b/vncviewer/CConn.cxx
@@ -100,7 +100,7 @@ CConn::CConn(const char* vncServerName)
      vlog.info(_("connected to host %s port %d"), serverHost, serverPort);
    } catch (rdr::Exception& e) {
      vlog.error(e.str());
-    fl_alert(e.str());
+    fl_alert("%s", e.str());
      exit_vncviewer();
      return;
    }
diff --git a/vncviewer/UserDialog.cxx b/vncviewer/UserDialog.cxx

index f36d84370d9dc9bb5c38a5cc89dc188f5705ae9c..b57588deb847163a379ec7cfd7f3b648e2a3850b 100644 (file)
--- a/vncviewer/UserDialog.cxx
+++ b/vncviewer/UserDialog.cxx
@@ -150,22 +150,20 @@ bool UserDialog::showMsgBox(int flags, const char* title, const char* text)
    // FLTK doesn't give us a flexible choice of the icon, so we ignore those
    // bits for now.
  
-  // FIXME: Filter out % from input text
-
    fl_message_title(title);
  
    switch (flags & 0xf) {
    case M_OKCANCEL:
-    return fl_choice(buffer, NULL, fl_ok, fl_cancel) == 1;
+    return fl_choice("%s", NULL, fl_ok, fl_cancel, buffer) == 1;
    case M_YESNO:
-    return fl_choice(buffer, NULL, fl_yes, fl_no) == 1;
+    return fl_choice("%s", NULL, fl_yes, fl_no, buffer) == 1;
    case M_OK:
    default:
      if (((flags & 0xf0) == M_ICONERROR) ||
          ((flags & 0xf0) == M_ICONWARNING))
-      fl_alert(buffer);
+      fl_alert("%s", buffer);
      else
-      fl_message(buffer);
+      fl_message("%s", buffer);
      return true;
    }
  
diff --git a/vncviewer/Viewport.cxx b/vncviewer/Viewport.cxx

index 768bc34eef529ee6629f4c91ecfd2dfd065b267a..1588f27446cc01d8ae1b0c4ea13d177e23e5b2fd 100644 (file)
--- a/vncviewer/Viewport.cxx
+++ b/vncviewer/Viewport.cxx
@@ -950,7 +950,7 @@ void Viewport::popupContextMenu()
    case ID_INFO:
      if (fltk_escape(cc->connectionInfo(), buffer, sizeof(buffer)) < sizeof(buffer)) {
        fl_message_title(_("VNC connection info"));
-      fl_message(buffer);
+      fl_message("%s", buffer);
      }
      break;
    case ID_ABOUT:
diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx

index ff325d135720be80c9f8e9cb5c5b24c78f61a942..47fd5516acfe5a06a3bf6a6d6bff78a54fbdac1c 100644 (file)
--- a/vncviewer/vncviewer.cxx
+++ b/vncviewer/vncviewer.cxx
@@ -69,7 +69,10 @@ using namespace network;
  using namespace rfb;
  using namespace std;
  
-static char aboutText[1024];
+static const char aboutText[] = N_("TigerVNC Viewer %d-bit v%s (%s)\n"
+                                   "%s\n"
+                                   "Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)\n"
+                                   "See http://www.tigervnc.org for information on TigerVNC.");
  extern const char* buildTime;
  
  static bool exitMainloop = false;
@@ -88,7 +91,8 @@ void exit_vncviewer(const char *error)
  void about_vncviewer()
  {
    fl_message_title(_("About TigerVNC Viewer"));
-  fl_message(aboutText);
+  fl_message(gettext(aboutText), (int)sizeof(size_t)*8,
+             PACKAGE_VERSION, __BUILD__, buildTime);
  }
  
  static void about_callback(Fl_Widget *widget, void *data)
@@ -267,11 +271,6 @@ int main(int argc, char** argv)
    const char* vncServerName = NULL;
    UserDialog dlg;
  
-  const char englishAbout[] = N_("TigerVNC Viewer %d-bit v%s (%s)\n"
-                                 "%s\n"
-                                 "Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)\n"
-                                 "See http://www.tigervnc.org for information on TigerVNC.");
-
    setlocale(LC_ALL, "");
    bindtextdomain(PACKAGE_NAME, LOCALE_DIR);
    textdomain(PACKAGE_NAME);
@@ -279,10 +278,10 @@ int main(int argc, char** argv)
    rfb::SecurityClient::setDefaults();
  
    // Write about text to console, still using normal locale codeset
-  snprintf(aboutText, sizeof(aboutText),
-           gettext(englishAbout), (int)sizeof(size_t)*8, PACKAGE_VERSION,
-           __BUILD__, buildTime);
-  fprintf(stderr,"\n%s\n", aboutText);
+  fprintf(stderr,"\n");
+  fprintf(stderr, gettext(aboutText), (int)sizeof(size_t)*8,
+          PACKAGE_VERSION, __BUILD__, buildTime);
+  fprintf(stderr,"\n");
  
    // Set gettext codeset to what our GUI toolkit uses. Since we are
    // passing strings from strerror/gai_strerror to the GUI, these must
@@ -290,11 +289,6 @@ int main(int argc, char** argv)
    bind_textdomain_codeset(PACKAGE_NAME, "UTF-8");
    bind_textdomain_codeset("libc", "UTF-8");
  
-  // Re-create the aboutText for the GUI, now using GUI codeset
-  snprintf(aboutText, sizeof(aboutText),
-           gettext(englishAbout), (int)sizeof(size_t)*8, PACKAGE_VERSION,
-           __BUILD__, buildTime);
-
    rfb::initStdIOLoggers();
    rfb::LogWriter::setLogParams("*:stderr:30");
  
@@ -376,7 +370,7 @@ int main(int argc, char** argv)
    delete cc;
  
    if (exitError != NULL)
-    fl_alert(exitError);
+    fl_alert("%s", exitError);
  
    return 0;
  }
author	Pierre Ossman <ossman@cendio.se>
	Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)
committer	Pierre Ossman <ossman@cendio.se>
	Wed, 25 Apr 2012 15:43:56 +0000 (15:43 +0000)
vncviewer/CConn.cxx		patch \| blob \| history
vncviewer/UserDialog.cxx		patch \| blob \| history
vncviewer/Viewport.cxx		patch \| blob \| history
vncviewer/vncviewer.cxx		patch \| blob \| history