From: Tomas Hoger Date: Wed, 20 May 2015 09:22:11 +0000 (+0200) Subject: Additional agerr() format string fixes X-Git-Tag: TRAVIS_CI_BUILD_EXPERIMENTAL~109^2~11^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=10a132289ffe4ed9a398bebca13cb41c1006bd13;p=graphviz Additional agerr() format string fixes Similar to commit 99eda42, ensure the second argument to agerr() is fixed string with no user inputs. Change applied to: * cmd/tools/gmlscan.l - unclear if this can be exploited in practice, as only yytext can possibly hold format string * lib/graph/lexer.c - format string can be injected via graph file content. Note that libgraph is deprecated as of version 2.30.0, so this fix is more relevant for older graphviz versions. --- diff --git a/cmd/tools/gmlscan.l b/cmd/tools/gmlscan.l index ea8db0f6f..e83ca4f6b 100644 --- a/cmd/tools/gmlscan.l +++ b/cmd/tools/gmlscan.l @@ -127,7 +127,7 @@ void yyerror(char *str) return; errors = 1; sprintf(buf," %s in line %d near '%s'\n", str,line_num,yytext); - agerr(AGWARN,buf); + agerr(AGWARN, "%s", buf); } int gmlerrors() diff --git a/lib/graph/lexer.c b/lib/graph/lexer.c index 05452c809..790563b97 100644 --- a/lib/graph/lexer.c +++ b/lib/graph/lexer.c @@ -460,16 +460,16 @@ static void error_context(void) if (buf < p) { c = *p; *p = '\0'; - agerr(AGPREV, buf); + agerr(AGPREV, "%s", buf); *p = c; } agerr(AGPREV, " >>> "); c = *LexPtr; *LexPtr = '\0'; - agerr(AGPREV, p); + agerr(AGPREV, "%s", p); *LexPtr = c; agerr(AGPREV, " <<< "); - agerr(AGPREV, LexPtr); + agerr(AGPREV, "%s", LexPtr); } void agerror(char *msg)