This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH][AVR] fix unsafe uses of sprintf


Under Ubuntu 8.10 when configuring with --target=avr, the binutils
2.19 build process produces the following errors:

libtool: compile:  gcc -DHAVE_CONFIG_H -I.
-I../../binutils-2.19/opcodes -I. -I. -I../../binutils-2.19/opcodes
-I../bfd -I../../binutils-2.19/opcodes/../include
-I../../binutils-2.19/opcodes/../bfd -W -Wall -Wstrict-prototypes
-Wmissing-prototypes -Werror -g -O2 -c
../../binutils-2.19/opcodes/avr-dis.c -o avr-dis.o
cc1: warnings being treated as errors
../../binutils-2.19/opcodes/avr-dis.c: In function 'avr_operand':
../../binutils-2.19/opcodes/avr-dis.c:112: error: format not a string
literal and no format arguments
../../binutils-2.19/opcodes/avr-dis.c:152: error: format not a string
literal and no format arguments
../../binutils-2.19/opcodes/avr-dis.c:161: error: format not a string
literal and no format arguments
../../binutils-2.19/opcodes/avr-dis.c:172: error: format not a string
literal and no format arguments

These appear to be caused by the default use of -Wformat-security in
Ubuntu 8.10, as described in
http://lists.gnu.org/archive/html/bug-binutils/2008-09/msg00034.html.

The below patch fixes these errors.

Denver
http://ossguy.com/


diff -pur a/opcodes/avr-dis.c b/opcodes/avr-dis.c
--- a/opcodes/avr-dis.c	2007-07-05 05:49:00.000000000 -0400
+++ b/opcodes/avr-dis.c	2008-11-02 12:00:22.000000000 -0500
@@ -109,7 +109,7 @@ avr_operand (unsigned int insn, unsigned
 	    case 0x100e: xyz = "-X"; break;
 	    default: xyz = "??"; ok = 0;
 	  }
-	sprintf (buf, xyz);
+	sprintf (buf, "%s", xyz);

 	if (AVR_UNDEF_P (insn))
 	  sprintf (comment, _("undefined"));
@@ -149,7 +149,7 @@ avr_operand (unsigned int insn, unsigned
 	 value of the address only once, but this would mean recoding
 	 objdump_print_address() which would affect many targets.  */
       sprintf (buf, "%#lx", (unsigned long) *sym_addr);
-      sprintf (comment, comment_start);
+      sprintf (comment, "%s", comment_start);
       break;

     case 'L':
@@ -158,7 +158,7 @@ avr_operand (unsigned int insn, unsigned
 	sprintf (buf, ".%+-8d", rel_addr);
         *sym = 1;
         *sym_addr = pc + 2 + rel_addr;
-	sprintf (comment, comment_start);
+	sprintf (comment, "%s", comment_start);
       }
       break;

@@ -169,7 +169,7 @@ avr_operand (unsigned int insn, unsigned
 	sprintf (buf, ".%+-8d", rel_addr);
         *sym = 1;
         *sym_addr = pc + 2 + rel_addr;
-	sprintf (comment, comment_start);
+	sprintf (comment, "%s", comment_start);
       }
       break;


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]