I've done a build of vdr 1.3.44 with -Wformat=2. This was noisier than it might be due to some tr() calls; however, in <libintl.h>, I've spotted something of use:
__attribute_format_arg__ (index)
With this added to the prototype for I18nTranslate, a lot of "non-constant format string" warnings are eliminated. I've also found several possible problems, mostly missing format strings. I don't /think/ that any of the missing-format-string ones are exploitable (at least one definitely isn't), but it's better to have them fixed anyway...
Patch attached. This kills all of the format string warnings which I could find.
Darren Salt wrote:
I've done a build of vdr 1.3.44 with -Wformat=2. This was noisier than it might be due to some tr() calls; however, in <libintl.h>, I've spotted something of use:
__attribute_format_arg__ (index)
With this added to the prototype for I18nTranslate, a lot of "non-constant format string" warnings are eliminated. I've also found several possible problems, mostly missing format strings. I don't /think/ that any of the missing-format-string ones are exploitable (at least one definitely isn't), but it's better to have them fixed anyway...
Patch attached. This kills all of the format string warnings which I could find.
With this patch applied, I get a lot of these (null) messages in my log:
Mar 15 04:07:31 sid vdr: [26388] (null) thread started (pid=26388, tid=26388)
Mar 15 04:07:31 sid vdr: [26389] (null) thread started (pid=26389, tid=26389)
Regards,
I demand that C.Y.M may or may not have written...
Darren Salt wrote:
I've done a build of vdr 1.3.44 with -Wformat=2. This was noisier than it might be due to some tr() calls; however, in <libintl.h>, I've spotted something of use: __attribute_format_arg__ (index)
[snip]
With this patch applied, I get a lot of these (null) messages in my log:
Mar 15 04:07:31 sid vdr: [26388] (null) thread started (pid=26388, tid=26388)
Mar 15 04:07:31 sid vdr: [26389] (null) thread started (pid=26389, tid=26389)
Presumably, the cThread object is being initialised with a null description. This is cosmetic, but the attached patch, applied on top of my previous patch, should fix it.
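The points raised in this thread (the format_arg attribute on a translation function, the missing-format-string fix, and the "(null)" description), as an added example that is not taken from the attached patches or from vdr itself. The names translate, log_line, log_text and log_thread_start are hypothetical, and the null guard is one possible approach, assumed here rather than known to be what the follow-up patch does.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a translation lookup like I18nTranslate.
   format_arg(1): the result is a translated form of argument 1, so GCC
   checks the literal passed in against the caller's printf arguments. */
static const char *translate(const char *s) __attribute__((format_arg(1)));
static const char *translate(const char *s) { return s; /* no catalogue */ }

/* Hypothetical printf-style logger writing into a caller-supplied buffer. */
static int log_line(char *out, size_t n, const char *fmt, ...)
    __attribute__((format(printf, 3, 4)));
static int log_line(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Missing-format-string fix: data is passed as an argument, never as fmt. */
static int log_text(char *out, size_t n, const char *text)
{
    /* log_line(out, n, text);   <- flagged when built with -Wformat=2 */
    return log_line(out, n, "%s", text);
}

/* Guarded form: a null or empty description is left out, not passed to %s. */
static int log_thread_start(char *out, size_t n, const char *desc, int pid, int tid)
{
    if (desc && *desc)
        return log_line(out, n, translate("%s thread started (pid=%d, tid=%d)"),
                        desc, pid, tid);
    return log_line(out, n, translate("thread started (pid=%d, tid=%d)"), pid, tid);
}

int main(void)
{
    char buf[128];
    log_thread_start(buf, sizeof buf, NULL, 26388, 26388); /* values from the log above */
    puts(buf);
    log_text(buf, sizeof buf, "disk at 90%s"); /* constructed input */
    puts(buf);
    return 0;
}
```

Compiling this with -Wformat=2 gives no non-literal-format warning on the translate() calls; removing the format_arg attribute brings the warning back.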