Harden NUT work with strings where dynamic formatting strings are used #2460
Draft
jimklimov wants to merge 29 commits into networkupstools:master from jimklimov:issue-2450
+1,044 -1,032
Commits
Commits on Jun 1, 2024
common/common.c, include/common.h, tests/nutlogtest.c, NEWS.adoc: introduce snprintf_dynamic() and related methods [networkupstools#2450]
drivers/dstate.{c,h}: add vdstate_setinfo(), vdstate_addenum() and versions for hardened dynamic format string support [networkupstools#2450]
docs/developers.txt, docs/new-drivers.txt, docs/nut.dict: document hardened *_dynamic() string methods [networkupstools#2450]
common/common.c, tests/nutlogtest.c: minimize_formatting_string(): collapse known different formats for same data type into same char to ease sanity-check comparisons [networkupstools#2450]
common/common.c, include/common.h, drivers/dstate.c, tests/nutlogtest.c: introduce verbosity option to validate_formatting_string() and minimize_formatting_string() [networkupstools#2450]
common/common.c: vsnprintf_dynamic(): NULL "dst" or its "size" are a valid use-case for vsnprintf() [networkupstools#2450]
drivers/nutdrv_qx_bestups.c: bestups_model(): fix bogus sprintf() for an unknown model [networkupstools#2450]
Commits on Jun 2, 2024
Harden NUT work with strings: comment which use-cases we DID NOT switch to snprintf_dynamic() instead of hushing potential flaws with macros [networkupstools#2450]
Harden NUT work with strings by switching to snprintf_dynamic() instead of hushing potential flaws with macros [networkupstools#2450]
drivers/nutdrv_qx_bestups.c: bestups_batt_packs(): range-check and properly cast the value, and harden with snprintf_dynamic() [networkupstools#2450]
drivers/nutdrv_qx_bestups.c: bestups_get_pins_shutdown_mode(): comment the odd conversion, and harden with snprintf_dynamic() [networkupstools#2450]
drivers/nutdrv_qx_blazer-common.c: blazer_process_command() for "test.battery.start" might vary by applicable formatting strings [networkupstools#2450]
tools/nut-scanner/nutscan-serial.c: Harden NUT work with strings by switching to snprintf_dynamic() instead of hushing potential flaws with macros [networkupstools#2450]
common/common.c: minimize_formatting_string(): warn in doc that this may produce invalid printf-style strings and not complain (garbage in = garbage out) [networkupstools#2450]
tests/nutlogtest.c, common/common.c: validate_formatting_string(): tolerate dynamic formats that are sub-strings and beginnings of reference (wasteful but survivable) [networkupstools#2450]
m4/ax_c_pragmas.m4: detect support for plain "-Wformat" and for "-Wformat-extra-args" [networkupstools#2450]
tests/nutlogtest.c: use support for plain "-Wformat" and for "-Wformat-extra-args" in pragmas to quiesce "bogus-looking" test cases [networkupstools#2450]