diff --git a/src/Base64.h b/src/Base64.h index 0fe7e04910..7f351a2c2b 100644 --- a/src/Base64.h +++ b/src/Base64.h @@ -44,7 +44,7 @@ public: if ( analyzer ) analyzer->Weird("base64_illegal_encoding", msg); else - reporter->Error(msg); + reporter->Error("%s", msg); } protected: diff --git a/src/CompHash.cc b/src/CompHash.cc index 6893cafd8f..148c8384ee 100644 --- a/src/CompHash.cc +++ b/src/CompHash.cc @@ -522,7 +522,7 @@ ListVal* CompositeHash::RecoverVals(const HashKey* k) const } if ( kp != k_end ) - reporter->InternalError("under-ran key in CompositeHash::DescribeKey %ld", k_end - kp); + reporter->InternalError("under-ran key in CompositeHash::DescribeKey %zd", k_end - kp); return l; } diff --git a/src/Debug.cc b/src/Debug.cc index 3aa805d5bf..1b849fff7e 100644 --- a/src/Debug.cc +++ b/src/Debug.cc @@ -797,7 +797,7 @@ int dbg_handle_debug_input() input_line = (char*) safe_malloc(1024); input_line[1023] = 0; // ### Maybe it's not always stdin. - fgets(input_line, 1023, stdin); + input_line = fgets(input_line, 1023, stdin); #endif // ### Maybe not stdin; maybe do better cleanup. diff --git a/src/Desc.cc b/src/Desc.cc index 7121253087..745b7c5efa 100644 --- a/src/Desc.cc +++ b/src/Desc.cc @@ -296,7 +296,7 @@ void ODesc::AddBytesRaw(const void* bytes, unsigned int n) if ( ! write_failed ) // Most likely it's a "disk full" so report // subsequent failures only once. - reporter->Error(fmt("error writing to %s: %s", f->Name(), strerror(errno))); + reporter->Error("%s", fmt("error writing to %s: %s", f->Name(), strerror(errno))); write_failed = true; return; diff --git a/src/File.cc b/src/File.cc index 37ce7c0b4b..cd8c635504 100644 --- a/src/File.cc +++ b/src/File.cc @@ -149,7 +149,7 @@ BroFile::BroFile(const char* arg_name, const char* arg_access, BroType* arg_t) t = arg_t ? arg_t : base_type(TYPE_STRING); if ( ! Open() ) { - reporter->Error(fmt("cannot open %s: %s", name, strerror(errno))); + reporter->Error("%s", fmt("cannot open %s: %s", name, strerror(errno))); is_open = 0; okay_to_manage = 0; } @@ -641,7 +641,7 @@ void BroFile::InitEncrypt(const char* keyfile) if ( ! key ) { - reporter->Error(fmt("can't open key file %s: %s", keyfile, strerror(errno))); + reporter->Error("%s", fmt("can't open key file %s: %s", keyfile, strerror(errno))); Close(); return; } @@ -649,7 +649,7 @@ void BroFile::InitEncrypt(const char* keyfile) pub_key = PEM_read_PUBKEY(key, 0, 0, 0); if ( ! pub_key ) { - reporter->Error(fmt("can't read key from %s: %s", keyfile, + reporter->Error("%s", fmt("can't read key from %s: %s", keyfile, ERR_error_string(ERR_get_error(), 0))); Close(); return; @@ -671,7 +671,7 @@ void BroFile::InitEncrypt(const char* keyfile) if ( ! EVP_SealInit(cipher_ctx, cipher_type, &psecret, (int*) &secret_len, iv, &pub_key, 1) ) { - reporter->Error(fmt("can't init cipher context for %s: %s", keyfile, + reporter->Error("%s", fmt("can't init cipher context for %s: %s", keyfile, ERR_error_string(ERR_get_error(), 0))); Close(); return; @@ -684,7 +684,7 @@ void BroFile::InitEncrypt(const char* keyfile) fwrite(secret, ntohl(secret_len), 1, f) && fwrite(iv, iv_len, 1, f)) ) { - reporter->Error(fmt("can't write header to log file %s: %s", + reporter->Error("%s", fmt("can't write header to log file %s: %s", name, strerror(errno))); Close(); return; @@ -709,7 +709,7 @@ void BroFile::FinishEncrypt() if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) { - reporter->Error(fmt("write error for %s: %s", + reporter->Error("%s", fmt("write error for %s: %s", name, strerror(errno))); return; } @@ -741,7 +741,7 @@ int BroFile::Write(const char* data, int len) if ( ! EVP_SealUpdate(cipher_ctx, cipher_buffer, &outl, (unsigned char*)data, inl) ) { - reporter->Error(fmt("encryption error for %s: %s", + reporter->Error("%s", fmt("encryption error for %s: %s", name, ERR_error_string(ERR_get_error(), 0))); Close(); @@ -750,7 +750,7 @@ int BroFile::Write(const char* data, int len) if ( outl && ! fwrite(cipher_buffer, outl, 1, f) ) { - reporter->Error(fmt("write error for %s: %s", + reporter->Error("%s", fmt("write error for %s: %s", name, strerror(errno))); Close(); return 0; @@ -798,7 +798,7 @@ void BroFile::UpdateFileSize() struct stat s; if ( fstat(fileno(f), &s) < 0 ) { - reporter->Error(fmt("can't stat fd for %s: %s", name, strerror(errno))); + reporter->Error("%s", fmt("can't stat fd for %s: %s", name, strerror(errno))); current_size = 0; return; } diff --git a/src/FileAnalyzer.cc b/src/FileAnalyzer.cc index 1abe88caec..fc1ac0563c 100644 --- a/src/FileAnalyzer.cc +++ b/src/FileAnalyzer.cc @@ -74,11 +74,11 @@ void File_Analyzer::InitMagic(magic_t* magic, int flags) *magic = magic_open(flags); if ( ! *magic ) - reporter->Error(fmt("can't init libmagic: %s", magic_error(*magic))); + reporter->Error("%s", fmt("can't init libmagic: %s", magic_error(*magic))); else if ( magic_load(*magic, 0) < 0 ) { - reporter->Error(fmt("can't load magic file: %s", magic_error(*magic))); + reporter->Error("%s", fmt("can't load magic file: %s", magic_error(*magic))); magic_close(*magic); *magic = 0; } diff --git a/src/LogMgr.cc b/src/LogMgr.cc index 9e320f8810..16c82a4646 100644 --- a/src/LogMgr.cc +++ b/src/LogMgr.cc @@ -1453,7 +1453,7 @@ bool LogMgr::Flush(EnumVal* id) void LogMgr::Error(LogWriter* writer, const char* msg) { - reporter->Error(fmt("error with writer for %s: %s", + reporter->Error("%s", fmt("error with writer for %s: %s", writer->Path().c_str(), msg)); } diff --git a/src/OSFinger.cc b/src/OSFinger.cc index 70504e8422..e23e3044ec 100644 --- a/src/OSFinger.cc +++ b/src/OSFinger.cc @@ -85,7 +85,7 @@ void OSFingerprint::collide(uint32 id) if (sig[id].ttl % 32 && sig[id].ttl != 255 && sig[id].ttl % 30) { problems=1; - reporter->Warning(fmt("OS fingerprinting: [!] Unusual TTL (%d) for signature '%s %s' (line %d).", + reporter->Warning("%s", fmt("OS fingerprinting: [!] Unusual TTL (%d) for signature '%s %s' (line %d).", sig[id].ttl,sig[id].os,sig[id].desc,sig[id].line)); } @@ -94,7 +94,7 @@ void OSFingerprint::collide(uint32 id) if (!strcmp(sig[i].os,sig[id].os) && !strcmp(sig[i].desc,sig[id].desc)) { problems=1; - reporter->Warning(fmt("OS fingerprinting: [!] Duplicate signature name: '%s %s' (line %d and %d).", + reporter->Warning("%s", fmt("OS fingerprinting: [!] Duplicate signature name: '%s %s' (line %d and %d).", sig[i].os,sig[i].desc,sig[i].line,sig[id].line)); } @@ -277,7 +277,7 @@ do_const: if (sig[id].opt[j] ^ sig[i].opt[j]) goto reloop; problems=1; - reporter->Warning(fmt("OS fingerprinting: [!] Signature '%s %s' (line %d)\n" + reporter->Warning("%s", fmt("OS fingerprinting: [!] Signature '%s %s' (line %d)\n" " is already covered by '%s %s' (line %d).", sig[id].os,sig[id].desc,sig[id].line,sig[i].os,sig[i].desc, sig[i].line)); diff --git a/src/PolicyFile.cc b/src/PolicyFile.cc index 53b115048a..9f67ee88a1 100644 --- a/src/PolicyFile.cc +++ b/src/PolicyFile.cc @@ -88,7 +88,8 @@ bool LoadPolicyFileText(const char* policy_filename) // ### This code is not necessarily Unicode safe! // (probably fine with UTF-8) pf->filedata = new char[size+1]; - fread(pf->filedata, size, 1, f); + if ( fread(pf->filedata, size, 1, f) != 1 ) + reporter->InternalError("Failed to fread() file data"); pf->filedata[size] = 0; fclose(f); diff --git a/src/RemoteSerializer.cc b/src/RemoteSerializer.cc index 03588429de..a841930562 100644 --- a/src/RemoteSerializer.cc +++ b/src/RemoteSerializer.cc @@ -392,7 +392,7 @@ static bool sendToIO(ChunkedIO* io, ChunkedIO::Chunk* c) { if ( ! io->Write(c) ) { - reporter->Warning(fmt("can't send chunk: %s", io->Error())); + reporter->Warning("%s", fmt("can't send chunk: %s", io->Error())); return false; } @@ -404,7 +404,7 @@ static bool sendToIO(ChunkedIO* io, char msg_type, RemoteSerializer::PeerID id, { if ( ! sendCMsg(io, msg_type, id) ) { - reporter->Warning(fmt("can't send message of type %d: %s", msg_type, io->Error())); + reporter->Warning("%s", fmt("can't send message of type %d: %s", msg_type, io->Error())); return false; } @@ -419,7 +419,7 @@ static bool sendToIO(ChunkedIO* io, char msg_type, RemoteSerializer::PeerID id, { if ( ! sendCMsg(io, msg_type, id) ) { - reporter->Warning(fmt("can't send message of type %d: %s", msg_type, io->Error())); + reporter->Warning("%s", fmt("can't send message of type %d: %s", msg_type, io->Error())); return false; } @@ -715,7 +715,7 @@ bool RemoteSerializer::CloseConnection(PeerID id) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for closing connection", int(id))); + reporter->Error("%s", fmt("unknown peer id %d for closing connection", int(id))); return false; } @@ -750,13 +750,13 @@ bool RemoteSerializer::RequestSync(PeerID id, bool auth) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request sync", int(id))); + reporter->Error("%s", fmt("unknown peer id %d for request sync", int(id))); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request sync from peer; wrong phase %d", + reporter->Error("%s", fmt("can't request sync from peer; wrong phase %d", peer->phase)); return false; } @@ -777,13 +777,13 @@ bool RemoteSerializer::RequestLogs(PeerID id) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request logs", int(id))); + reporter->Error("%s", fmt("unknown peer id %d for request logs", int(id))); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request logs from peer; wrong phase %d", + reporter->Error("%s", fmt("can't request logs from peer; wrong phase %d", peer->phase)); return false; } @@ -802,13 +802,13 @@ bool RemoteSerializer::RequestEvents(PeerID id, RE_Matcher* pattern) Peer* peer = LookupPeer(id, true); if ( ! peer ) { - reporter->Error(fmt("unknown peer id %d for request sync", int(id))); + reporter->Error("%s", fmt("unknown peer id %d for request sync", int(id))); return false; } if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't request events from peer; wrong phase %d", + reporter->Error("%s", fmt("can't request events from peer; wrong phase %d", peer->phase)); return false; } @@ -869,7 +869,7 @@ bool RemoteSerializer::CompleteHandshake(PeerID id) if ( p->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't complete handshake; wrong phase %d", + reporter->Error("%s", fmt("can't complete handshake; wrong phase %d", p->phase)); return false; } @@ -1138,7 +1138,7 @@ bool RemoteSerializer::SendCaptureFilter(PeerID id, const char* filter) if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't sent capture filter to peer; wrong phase %d", peer->phase)); + reporter->Error("%s", fmt("can't sent capture filter to peer; wrong phase %d", peer->phase)); return false; } @@ -1215,7 +1215,7 @@ bool RemoteSerializer::SendCapabilities(Peer* peer) { if ( peer->phase != Peer::HANDSHAKE ) { - reporter->Error(fmt("can't sent capabilties to peer; wrong phase %d", + reporter->Error("%s", fmt("can't sent capabilties to peer; wrong phase %d", peer->phase)); return false; } @@ -3011,7 +3011,7 @@ bool RemoteSerializer::SendCMsgToChild(char msg_type, Peer* peer) { if ( ! sendCMsg(io, msg_type, peer ? peer->id : PEER_NONE) ) { - reporter->Warning(fmt("can't send message of type %d: %s", + reporter->Warning("%s", fmt("can't send message of type %d: %s", msg_type, io->Error())); return false; } diff --git a/src/SerialObj.cc b/src/SerialObj.cc index 6921115c56..22cb428724 100644 --- a/src/SerialObj.cc +++ b/src/SerialObj.cc @@ -19,7 +19,7 @@ SerialObj* SerialObj::Instantiate(SerialType type) return o; } - reporter->Error(fmt("Unknown object type 0x%08x", type)); + reporter->Error("%s", fmt("Unknown object type 0x%08x", type)); return 0; } @@ -29,7 +29,7 @@ const char* SerialObj::ClassName(SerialType type) if ( f != names->end() ) return f->second; - reporter->Error(fmt("Unknown object type 0x%08x", type)); + reporter->Error("%s", fmt("Unknown object type 0x%08x", type)); return ""; } diff --git a/src/StateAccess.cc b/src/StateAccess.cc index e62904469c..93db1c0e50 100644 --- a/src/StateAccess.cc +++ b/src/StateAccess.cc @@ -350,7 +350,7 @@ void StateAccess::Replay() v->AsRecordVal()->Assign(idx, op2 ? op2->Ref() : 0); } else - reporter->Error(fmt("access replay: unknown record field %s for assign", field)); + reporter->Error("%s", fmt("access replay: unknown record field %s for assign", field)); } else if ( t == TYPE_VECTOR ) @@ -411,7 +411,7 @@ void StateAccess::Replay() v->AsRecordVal()->Assign(idx, new_val, OP_INCR); } else - reporter->Error(fmt("access replay: unknown record field %s for assign", field)); + reporter->Error("%s", fmt("access replay: unknown record field %s for assign", field)); } else if ( t == TYPE_VECTOR ) diff --git a/src/bro.bif b/src/bro.bif index 0fd20397f0..7dcea529b0 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -2181,7 +2181,7 @@ function send_id%(p: event_peer, id: string%) : bool ID* i = global_scope()->Lookup(id->CheckString()); if ( ! i ) { - reporter->Error(fmt("send_id: no global id %s", id->CheckString())); + reporter->Error("%s", fmt("send_id: no global id %s", id->CheckString())); return new Val(0, TYPE_BOOL); } @@ -2250,7 +2250,7 @@ function get_event_peer%(%) : event_peer Val* v = remote_serializer->GetPeerVal(src); if ( ! v ) { - reporter->Error(fmt("peer %d does not exist anymore", int(src))); + reporter->Error("%s", fmt("peer %d does not exist anymore", int(src))); RecordVal* p = mgr.GetLocalPeerVal(); Ref(p); return p; @@ -3295,13 +3295,13 @@ function identify_data%(data: string, return_mime: bool%): string if ( ! *magic ) { - reporter->Error(fmt("can't init libmagic: %s", magic_error(*magic))); + reporter->Error("%s", fmt("can't init libmagic: %s", magic_error(*magic))); return new StringVal(""); } if ( magic_load(*magic, 0) < 0 ) { - reporter->Error(fmt("can't load magic file: %s", magic_error(*magic))); + reporter->Error("%s", fmt("can't load magic file: %s", magic_error(*magic))); magic_close(*magic); *magic = 0; return new StringVal(""); diff --git a/src/scan.l b/src/scan.l index 88d4e9e5e0..7ebd7894e1 100644 --- a/src/scan.l +++ b/src/scan.l @@ -1030,7 +1030,7 @@ void clear_reST_doc_comments() if ( ! reST_doc_comments ) return; - fprintf(stderr, "Warning: %lu unconsumed reST comments:\n", + fprintf(stderr, "Warning: %zu unconsumed reST comments:\n", reST_doc_comments->size()); print_current_reST_doc_comments(); diff --git a/src/util.cc b/src/util.cc index 4ef83bb4ad..5f93b4aeba 100644 --- a/src/util.cc +++ b/src/util.cc @@ -478,14 +478,14 @@ bool ensure_dir(const char *dirname) { if ( errno != ENOENT ) { - reporter->Warning(fmt("can't stat directory %s: %s", + reporter->Warning("%s", fmt("can't stat directory %s: %s", dirname, strerror(errno))); return false; } if ( mkdir(dirname, 0700) < 0 ) { - reporter->Warning(fmt("can't create directory %s: %s", + reporter->Warning("%s", fmt("can't create directory %s: %s", dirname, strerror(errno))); return false; } @@ -493,7 +493,7 @@ bool ensure_dir(const char *dirname) else if ( ! S_ISDIR(st.st_mode) ) { - reporter->Warning(fmt("%s exists but is not a directory", dirname)); + reporter->Warning("%s", fmt("%s exists but is not a directory", dirname)); return false; } @@ -506,7 +506,7 @@ bool is_dir(const char* path) if ( stat(path, &st) < 0 ) { if ( errno != ENOENT ) - reporter->Warning(fmt("can't stat %s: %s", path, strerror(errno))); + reporter->Warning("%s", fmt("can't stat %s: %s", path, strerror(errno))); return false; } @@ -556,14 +556,14 @@ static bool read_random_seeds(const char* read_file, uint32* seed, if ( stat(read_file, &st) < 0 ) { - reporter->Warning(fmt("Seed file '%s' does not exist: %s", + reporter->Warning("%s", fmt("Seed file '%s' does not exist: %s", read_file, strerror(errno))); return false; } if ( ! (f = fopen(read_file, "r")) ) { - reporter->Warning(fmt("Could not open seed file '%s': %s", + reporter->Warning("%s", fmt("Could not open seed file '%s': %s", read_file, strerror(errno))); return false; } @@ -599,7 +599,7 @@ static bool write_random_seeds(const char* write_file, uint32 seed, if ( ! (f = fopen(write_file, "w+")) ) { - reporter->Warning(fmt("Could not create seed file '%s': %s", + reporter->Warning("%s", fmt("Could not create seed file '%s': %s", write_file, strerror(errno))); return false; } @@ -1024,7 +1024,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) FILE* newf = fopen(tmpname, "w"); if ( ! newf ) { - reporter->Error(fmt("rotate_file: can't open %s: %s", tmpname, strerror(errno))); + reporter->Error("%s", fmt("rotate_file: can't open %s: %s", tmpname, strerror(errno))); return 0; } @@ -1033,7 +1033,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) struct stat dummy; if ( link(name, newname) < 0 || stat(newname, &dummy) < 0 ) { - reporter->Error(fmt("rotate_file: can't move %s to %s: %s", name, newname, strerror(errno))); + reporter->Error("%s", fmt("rotate_file: can't move %s to %s: %s", name, newname, strerror(errno))); fclose(newf); unlink(newname); unlink(tmpname); @@ -1043,7 +1043,7 @@ FILE* rotate_file(const char* name, RecordVal* rotate_info) // Close current file, and move the tmp to its place. if ( unlink(name) < 0 || link(tmpname, name) < 0 || unlink(tmpname) < 0 ) { - reporter->Error(fmt("rotate_file: can't move %s to %s: %s", tmpname, name, strerror(errno))); + reporter->Error("%s", fmt("rotate_file: can't move %s to %s: %s", tmpname, name, strerror(errno))); exit(1); // hard to fix, but shouldn't happen anyway... }