Fix reporter using part of the actual message as a format string

When not reporting via events, the final contents of the message buffer after formatting was being used as a format string to fprintf instead of writing out the actual string.
2025-10-08 09:38:19 +00:00 · 2011-08-10 12:28:36 -05:00 · 2011-08-10 12:28:36 -05:00 · 00de88f4cb
commit 00de88f4cb
parent 33b064bdb2
3 changed files with 12 additions and 1 deletions
--- a/src/Reporter.cc
+++ b/src/Reporter.cc
@ -302,7 +302,7 @@ void Reporter::DoLog(const char* prefix, EventHandlerPtr event, FILE* out, Conne
 		s += buffer;
 		s += "\n";

-		fprintf(out, s.c_str());
+		fprintf(out, "%s", s.c_str());
 		}

 	if ( alloced )
--- a/testing/btest/Baseline/core.reporter-fmt-strings/output
+++ b/testing/btest/Baseline/core.reporter-fmt-strings/output
@ -0,0 +1 @@
+error in /Users/jsiwek/tmp/bro/testing/btest/.tmp/core.reporter-fmt-strings/reporter-fmt-strings.bro, line 9: not an event (dont_interpret_this(%s))
--- a/testing/btest/core/reporter-fmt-strings.bro
+++ b/testing/btest/core/reporter-fmt-strings.bro
@ -0,0 +1,10 @@
+# The format string below should end up as a literal part of the reporter's
+# error message to stderr and shouldn't be replaced internally.
+#
+# @TEST-EXEC-FAIL: bro %INPUT >output 2>&1
+# @TEST-EXEC:      TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff output
+
+event bro_init()
+{
+    event dont_interpret_this("%s");
+}
				`@ -0,0 +1 @@`
				`error in /Users/jsiwek/tmp/bro/testing/btest/.tmp/core.reporter-fmt-strings/reporter-fmt-strings.bro, line 9: not an event (dont_interpret_this(%s))`