diff options
| author | Niels de Vos <ndevos@redhat.com> | 2012-12-14 10:48:46 +0100 |
|---|---|---|
| committer | Anand Avati <avati@redhat.com> | 2013-01-16 17:44:43 -0800 |
| commit | b9249c8f9f838c2a9c28e5c09fffddc9c8917df6 (patch) | |
| tree | 0bb5a1010f0b4f575f7f48e700be5184e21c482c | |
| parent | fba70e641eb52c90fa29fc26d916e4607e286779 (diff) | |
Fix format security errors with hardening build flags
These problems were found while building with the hardening options used
by Debian. In order to prevent introducing new unsafe constructs, the
options -Wformat" and -Werror=format-security are addeded to the CFLAGS
by configure.ac if the compiler supports them.
Also, a small spelling fix in posix-aio.c is included.
Change-Id: I1034311644fa3c21bc5a7b842c41a3ca79108b3f
BUG: 887278
Original-author: Patrick Matthäi <pmatthaei@debian.org>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/4311
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
| -rw-r--r-- | cli/src/cli.c | 4 | ||||
| -rw-r--r-- | configure.ac | 12 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-handler.c | 6 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-op-sm.c | 4 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-replace-brick.c | 4 | ||||
| -rw-r--r-- | xlators/storage/posix/src/posix-aio.c | 2 |
6 files changed, 22 insertions, 10 deletions
diff --git a/cli/src/cli.c b/cli/src/cli.c index a2457c2b6..4ff172805 100644 --- a/cli/src/cli.c +++ b/cli/src/cli.c @@ -298,12 +298,12 @@ cli_opt_parse (char *opt, struct cli_state *state) return 1; if (strcmp (opt, "version") == 0) { - cli_out (argp_program_version); + cli_out ("%s", argp_program_version); exit (0); } if (strcmp (opt, "print-logdir") == 0) { - cli_out (DEFAULT_LOG_FILE_DIRECTORY); + cli_out ("%s", DEFAULT_LOG_FILE_DIRECTORY); exit (0); } diff --git a/configure.ac b/configure.ac index dec146e52..3f87a46a0 100644 --- a/configure.ac +++ b/configure.ac @@ -523,6 +523,18 @@ GF_HOST_OS="" GF_LDFLAGS="-rdynamic" CFLAGS="-g" +# check for gcc -Werror=format-security +saved_CFLAGS=$CFLAGS +CFLAGS="-Wformat -Werror=format-security" +AC_MSG_CHECKING([whether $CC accepts -Werror=format-security]) +AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], [cc_werror_format_security=yes], [cc_werror_format_security=no]) +echo $cc_werror_format_security +if test "x$cc_werror_format_security" = "xno"; then + CFLAGS="$saved_CFLAGS" +else + CFLAGS="$saved_CFLAGS $CFLAGS" +fi + case $host_os in linux*) dnl GF_LINUX_HOST_OS=1 diff --git a/xlators/mgmt/glusterd/src/glusterd-handler.c b/xlators/mgmt/glusterd/src/glusterd-handler.c index fe85eb397..d4bdcd740 100644 --- a/xlators/mgmt/glusterd/src/glusterd-handler.c +++ b/xlators/mgmt/glusterd/src/glusterd-handler.c @@ -1070,7 +1070,7 @@ glusterd_handle_cli_uuid_reset (rpcsvc_request_t *req) snprintf (msg_str, sizeof (msg_str), "volumes are already " "present in the cluster. Resetting uuid is not " "allowed"); - gf_log (this->name, GF_LOG_WARNING, msg_str); + gf_log (this->name, GF_LOG_WARNING, "%s", msg_str); goto out; } @@ -1079,7 +1079,7 @@ glusterd_handle_cli_uuid_reset (rpcsvc_request_t *req) snprintf (msg_str, sizeof (msg_str),"trusted storage pool " "has been already formed. Please detach this peer " "from the pool and reset its uuid."); - gf_log (this->name, GF_LOG_WARNING, msg_str); + gf_log (this->name, GF_LOG_WARNING, "%s", msg_str); goto out; } @@ -1089,7 +1089,7 @@ glusterd_handle_cli_uuid_reset (rpcsvc_request_t *req) if (!uuid_compare (uuid, MY_UUID)) { snprintf (msg_str, sizeof (msg_str), "old uuid and the new uuid" " are same. Try gluster peer reset again"); - gf_log (this->name, GF_LOG_ERROR, msg_str); + gf_log (this->name, GF_LOG_ERROR, "%s", msg_str); ret = -1; goto out; } diff --git a/xlators/mgmt/glusterd/src/glusterd-op-sm.c b/xlators/mgmt/glusterd/src/glusterd-op-sm.c index 6ef0b21c5..69e6fad85 100644 --- a/xlators/mgmt/glusterd/src/glusterd-op-sm.c +++ b/xlators/mgmt/glusterd/src/glusterd-op-sm.c @@ -1431,7 +1431,7 @@ glusterd_op_set_volume (dict_t *dict) if (ret) { op_errstr = (op_errstr)? op_errstr: "Volume set help internal error"; - gf_log (this->name, GF_LOG_ERROR, op_errstr); + gf_log (this->name, GF_LOG_ERROR, "%s", op_errstr); } goto out; } @@ -2678,7 +2678,7 @@ glusterd_op_ac_send_stage_op (glusterd_op_sm_event_t *event, void *ctx) ret = glusterd_op_validate_quorum (this, op, dict, &op_errstr); if (ret) { - gf_log (this->name, GF_LOG_ERROR, op_errstr); + gf_log (this->name, GF_LOG_ERROR, "%s", op_errstr); opinfo.op_errstr = op_errstr; goto out; } diff --git a/xlators/mgmt/glusterd/src/glusterd-replace-brick.c b/xlators/mgmt/glusterd/src/glusterd-replace-brick.c index 7e4d8c78b..c57be5196 100644 --- a/xlators/mgmt/glusterd/src/glusterd-replace-brick.c +++ b/xlators/mgmt/glusterd/src/glusterd-replace-brick.c @@ -321,7 +321,7 @@ glusterd_op_stage_replace_brick (dict_t *dict, char **op_errstr, if (glusterd_is_rb_started (volinfo)) { snprintf (msg, sizeof (msg), "Replace brick is already " "started for volume"); - gf_log (this->name, GF_LOG_ERROR, msg); + gf_log (this->name, GF_LOG_ERROR, "%s", msg); *op_errstr = gf_strdup (msg); ret = -1; goto out; @@ -487,7 +487,7 @@ glusterd_op_stage_replace_brick (dict_t *dict, char **op_errstr, if (ret) { *op_errstr = gf_strdup (msg); ret = -1; - gf_log (this->name, GF_LOG_ERROR, *op_errstr); + gf_log (this->name, GF_LOG_ERROR, "%s", *op_errstr); goto out; } diff --git a/xlators/storage/posix/src/posix-aio.c b/xlators/storage/posix/src/posix-aio.c index f807618ce..fad4a7df3 100644 --- a/xlators/storage/posix/src/posix-aio.c +++ b/xlators/storage/posix/src/posix-aio.c @@ -566,7 +566,7 @@ __posix_fd_set_odirect (fd_t *fd, struct posix_fd *pfd, int opflags, { xlator_t *this = THIS; gf_log (this->name, GF_LOG_INFO, - "Linux AIO not availble at build-time." + "Linux AIO not available at build-time." " Continuing with synchronous IO"); return; } |