izackp/mosh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Audit and fix up format strings

Browse Source
This commit is contained in:
Benjamin Barenblat
2022-08-03 19:32:39 -04:00
committed by Benjamin Barenblat
parent 4cd2da5202
commit cd7050613c
3 changed files with 30 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/frontend/mosh-server.cc
+2 -2
View File
@@ -807,7 +807,7 @@ static void serve( int host_fd, Terminal::Complete &terminal, ServerConnection &
#ifdef HAVE_UTEMPTER #ifdef HAVE_UTEMPTER
utempter_remove_record( host_fd ); utempter_remove_record( host_fd );
char tmp[ 64 + NI_MAXHOST ]; char tmp[ 64 + NI_MAXHOST ];
snprintf( tmp, 64 + NI_MAXHOST, "%s via mosh [%d]", host, getpid() ); snprintf( tmp, 64 + NI_MAXHOST, "%s via mosh [%ld]", host, static_cast<long int>( getpid() ) );
utempter_add_record( host_fd, tmp ); utempter_add_record( host_fd, tmp );
connected_utmp = true; connected_utmp = true;
@@ -899,7 +899,7 @@ static void serve( int host_fd, Terminal::Complete &terminal, ServerConnection &
utempter_remove_record( host_fd ); utempter_remove_record( host_fd );
char tmp[ 64 ]; char tmp[ 64 ];
snprintf( tmp, 64, "mosh [%d]", getpid() ); snprintf( tmp, 64, "mosh [%ld]", static_cast<long int>( getpid() ) );
utempter_add_record( host_fd, tmp ); utempter_add_record( host_fd, tmp );
connected_utmp = false; connected_utmp = false;
src/terminal/terminalframebuffer.cc
+24 -6
View File
@@ -533,28 +533,40 @@ std::string Renditions::sgr( void ) const
if ( get_attribute( invisible ) ) ret.append( ";8" ); if ( get_attribute( invisible ) ) ret.append( ";8" );
if ( foreground_color ) { if ( foreground_color ) {
// Since foreground_color is a 25-bit field, it is promoted to an int when
// manipulated. (See [conv.prom] in various C++ standards, e.g.,
// https://timsong-cpp.github.io/cppwp/n4659/conv.prom#5.) The correct
// printf format specifier is thus %d.
if ( is_true_color( foreground_color ) ) { if ( is_true_color( foreground_color ) ) {
snprintf( col, sizeof( col ), ";38;2;%u;%u;%u", snprintf( col, sizeof( col ), ";38;2;%d;%d;%d",
(foreground_color >> 16) & 0xff, (foreground_color >> 16) & 0xff,
(foreground_color >> 8) & 0xff, (foreground_color >> 8) & 0xff,
foreground_color & 0xff); foreground_color & 0xff);
} else if ( foreground_color > 37 ) { /* use 256-color set */ } else if ( foreground_color > 37 ) { /* use 256-color set */
snprintf( col, sizeof( col ), ";38;5;%u", foreground_color - 30 ); snprintf( col, sizeof( col ), ";38;5;%d", foreground_color - 30 );
} else { /* ANSI foreground color */ } else { /* ANSI foreground color */
snprintf( col, sizeof( col ), ";%u", static_cast<unsigned int>( foreground_color ) ); // Unfortunately, some versions of GCC (notably including GCC 9.3) give
// -Wformat warnings when relying on [conv.prom] to promote
// foreground_color in calls to printf. Explicitly promote it to silence
// the warning.
int fg = foreground_color;
snprintf( col, sizeof( col ), ";%d", fg );
} }
ret.append( col ); ret.append( col );
} }
if ( background_color ) { if ( background_color ) {
// See comment above about bit-field promotion; it applies here as well.
if ( is_true_color( background_color ) ) { if ( is_true_color( background_color ) ) {
snprintf( col, sizeof( col ), ";48;2;%u;%u;%u", snprintf( col, sizeof( col ), ";48;2;%d;%d;%d",
(background_color >> 16) & 0xff, (background_color >> 16) & 0xff,
(background_color >> 8) & 0xff, (background_color >> 8) & 0xff,
background_color & 0xff); background_color & 0xff);
} else if ( background_color > 47 ) { /* use 256-color set */ } else if ( background_color > 47 ) { /* use 256-color set */
snprintf( col, sizeof( col ), ";48;5;%u", background_color - 40 ); snprintf( col, sizeof( col ), ";48;5;%d", background_color - 40 );
} else { /* ANSI background color */ } else { /* ANSI background color */
snprintf( col, sizeof( col ), ";%u", static_cast<unsigned int>( background_color ) ); // See comment above about explicit promotion; it applies here as well.
int bg = background_color;
snprintf( col, sizeof( col ), ";%d", bg );
} }
ret.append( col ); ret.append( col );
} }
@@ -630,12 +642,17 @@ bool Cell::compare( const Cell &other ) const
if ( fallback != other.fallback ) { if ( fallback != other.fallback ) {
// ret = true; // ret = true;
// Since fallback is a 1-bit field, it is promoted to an int when
// manipulated. (See [conv.prom] in various C++ standards, e.g.,
// https://timsong-cpp.github.io/cppwp/n4659/conv.prom#5.) The correct
// printf format specifier is thus %d.
fprintf( stderr, "fallback: %d vs. %d\n", fprintf( stderr, "fallback: %d vs. %d\n",
fallback, other.fallback ); fallback, other.fallback );
} }
if ( wide != other.wide ) { if ( wide != other.wide ) {
ret = true; ret = true;
// See comment above about bit-field promotion; it applies here as well.
fprintf( stderr, "width: %d vs. %d\n", fprintf( stderr, "width: %d vs. %d\n",
wide, other.wide ); wide, other.wide );
} }
@@ -647,6 +664,7 @@ bool Cell::compare( const Cell &other ) const
if ( wrap != other.wrap ) { if ( wrap != other.wrap ) {
ret = true; ret = true;
// See comment above about bit-field promotion; it applies here as well.
fprintf( stderr, "wrap: %d vs. %d\n", fprintf( stderr, "wrap: %d vs. %d\n",
wrap, other.wrap ); wrap, other.wrap );
} }
src/tests/test_utils.cc
+4 -1
View File
@@ -38,7 +38,10 @@ void hexdump( const void *buf, size_t len, const char *name ) {
const unsigned char *data = (const unsigned char *) buf; const unsigned char *data = (const unsigned char *) buf;
printf( DUMP_NAME_FMT, name ); printf( DUMP_NAME_FMT, name );
for ( size_t i = 0; i < len; i++ ) { for ( size_t i = 0; i < len; i++ ) {
printf( "%02x", data[ i ] ); // Although data[i] is an unsigned char, it will be promoted to a signed int
// when passed as an argument. Explicitly cast it back to an unsigned type
// so it can be printed in hex.
printf( "%02x", static_cast<unsigned>( data[ i ] ) );
} }
printf( "\n" ); printf( "\n" );
} }