fix dehydra warnings (some of which were dangerous pass-user-string-as-format-string vulnerabilities)
This was SVN commit r7177.
This commit is contained in:
parent
378bd89c1d
commit
f432d9d18b
@ -1052,7 +1052,7 @@ void CGUI::ReportParseError(const wchar_t* str, ...)
|
||||
// Important, set ParseError to true
|
||||
++m_Errors;
|
||||
|
||||
LOG(CLogger::Error, LOG_CATEGORY, buffer);
|
||||
LOG(CLogger::Error, LOG_CATEGORY, L"%ls", buffer);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1315,7 +1315,7 @@ void CGUI::Xeromyces_ReadObject(XMBElement Element, CXeromyces* pFile, IGUIObjec
|
||||
// Try setting the value
|
||||
if (object->SetSetting(pFile->GetAttributeString(attr.Name), CStr(attr.Value), true) != PSRETURN_OK)
|
||||
{
|
||||
ReportParseError(L"(object: %hs) Can't set \"%hs\" to \"%hs\"", object->GetPresentableName().c_str(), pFile->GetAttributeString(attr.Name).c_str(), attr.Value.c_str());
|
||||
ReportParseError(L"(object: %hs) Can't set \"%hs\" to \"%ls\"", object->GetPresentableName().c_str(), pFile->GetAttributeString(attr.Name).c_str(), CStrW(attr.Value).c_str());
|
||||
|
||||
// This is not a fatal error
|
||||
}
|
||||
@ -1445,7 +1445,7 @@ void CGUI::Xeromyces_ReadObject(XMBElement Element, CXeromyces* pFile, IGUIObjec
|
||||
catch (PSERROR_GUI& e)
|
||||
{
|
||||
CStrW what(e.what());
|
||||
ReportParseError(what.c_str());
|
||||
ReportParseError(L"%ls", what.c_str());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -67,7 +67,7 @@ static void def_translate_free(const wchar_t* UNUSED(text))
|
||||
|
||||
static void def_log(const wchar_t* text)
|
||||
{
|
||||
wprintf(text);
|
||||
wprintf(L"%ls", text);
|
||||
}
|
||||
|
||||
|
||||
|
@ -301,11 +301,7 @@ void ogl_WarnIfError()
|
||||
}
|
||||
|
||||
if(error_enountered)
|
||||
{
|
||||
wchar_t msg[64];
|
||||
swprintf_s(msg, ARRAY_SIZE(msg), L"OpenGL error(s) occurred: %04x", (int)first_error);
|
||||
debug_printf(msg);
|
||||
}
|
||||
debug_printf(L"OpenGL error(s) occurred: %04x", (int)first_error);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -485,7 +485,7 @@ static LibError OglTex_validate(const OglTex* ot)
|
||||
|
||||
static LibError OglTex_to_string(const OglTex* ot, wchar_t* buf)
|
||||
{
|
||||
swprintf_s(buf, H_STRING_LEN, L"OglTex id=%d flags=%x", ot->id, ot->flags);
|
||||
swprintf_s(buf, H_STRING_LEN, L"OglTex id=%d flags=%lx", ot->id, ot->flags);
|
||||
return INFO::OK;
|
||||
}
|
||||
|
||||
|
@ -275,7 +275,7 @@ static LibError alc_init()
|
||||
// (e.g. DS3D, native, MMSYSTEM) - needed when reporting OpenAL bugs.
|
||||
const char* dev_name = (const char*)alcGetString(alc_dev, ALC_DEVICE_SPECIFIER);
|
||||
wchar_t buf[200];
|
||||
swprintf_s(buf, ARRAY_SIZE(buf), L"SND| alc_init: success, using %s\n", dev_name);
|
||||
swprintf_s(buf, ARRAY_SIZE(buf), L"SND| alc_init: success, using %hs\n", dev_name);
|
||||
ah_log(buf);
|
||||
|
||||
#if WIN_LOADLIBRARY_HACK
|
||||
|
@ -112,9 +112,9 @@ LibError debug_DumpStack(wchar_t* buf, size_t max_chars, void* UNUSED(context),
|
||||
int len;
|
||||
|
||||
if (debug_ResolveSymbol(bt[i], symbol, file, &line) == 0)
|
||||
len = swprintf(bufpos, MAX_OUT_CHARS, L"(0x%08x) %ls:%d %ls\n", bt[i], file, line, symbol);
|
||||
len = swprintf(bufpos, MAX_OUT_CHARS, L"(%p) %ls:%d %ls\n", bt[i], file, line, symbol);
|
||||
else
|
||||
len = swprintf(bufpos, MAX_OUT_CHARS, L"(0x%08x)\n", bt[i]);
|
||||
len = swprintf(bufpos, MAX_OUT_CHARS, L"(%p)\n", bt[i]);
|
||||
|
||||
if (len < 0)
|
||||
{
|
||||
|
@ -454,7 +454,7 @@ void CNetLogConsoleSink::Write( const CStr& message )
|
||||
// Write message
|
||||
if ( !message.empty() )
|
||||
{
|
||||
g_Console->InsertMessage( message.FromUTF8().c_str() );
|
||||
g_Console->InsertMessage( L"%ls", message.FromUTF8().c_str() );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -913,7 +913,7 @@ void CNetServer::PlayerAttributeUpdate(
|
||||
|
||||
CNetServer* pServer = ( CNetServer* )pData;
|
||||
|
||||
g_Console->InsertMessage( L"PlayerAttributeUpdate(%d): %ls = \"%ls\"", pPlayer->GetPlayerID(), name.c_str(), newValue.c_str() );
|
||||
g_Console->InsertMessage( L"PlayerAttributeUpdate(%ld): %ls = \"%ls\"", pPlayer->GetPlayerID(), name.c_str(), newValue.c_str() );
|
||||
|
||||
CPlayerConfigMessage* pNewMessage = new CPlayerConfigMessage;
|
||||
if ( !pNewMessage ) return;
|
||||
|
@ -296,7 +296,7 @@ void CConsole::DrawHistory(void) {
|
||||
glTranslatef(0.0f, -(float)m_iFontHeight, 0.0f);
|
||||
|
||||
glPushMatrix();
|
||||
glwprintf(L"%ls", Iter->data());
|
||||
glwprintf(L"%ls", Iter->c_str());
|
||||
glPopMatrix();
|
||||
}
|
||||
|
||||
@ -458,7 +458,7 @@ void CConsole::InsertChar(const int szChar, const wchar_t cooked )
|
||||
}
|
||||
if(!bad)
|
||||
{
|
||||
SetBuffer(m_deqBufHistory.at(iHistoryPos).data());
|
||||
SetBuffer(m_deqBufHistory.at(iHistoryPos).c_str());
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -489,7 +489,7 @@ void CConsole::InsertChar(const int szChar, const wchar_t cooked )
|
||||
}
|
||||
if(!bad)
|
||||
{
|
||||
SetBuffer(m_deqBufHistory.at(iHistoryPos).data());
|
||||
SetBuffer(L"%ls", m_deqBufHistory.at(iHistoryPos).c_str());
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -664,7 +664,7 @@ void CConsole::ProcessBuffer(const wchar_t* szLine)
|
||||
if (!m_mapFuncList.size()) InsertMessage(L" (none registered)");
|
||||
|
||||
for (Iter = m_mapFuncList.begin(); Iter != m_mapFuncList.end(); Iter++)
|
||||
InsertMessage(L" \\%ls", Iter->first.data());
|
||||
InsertMessage(L" \\%ls", Iter->first.c_str());
|
||||
|
||||
InsertMessage(L"");
|
||||
}
|
||||
|
@ -962,11 +962,12 @@ void Init(const CmdLineArgs& args, int flags)
|
||||
if(missing)
|
||||
{
|
||||
wchar_t buf[500];
|
||||
const wchar_t* fmt =
|
||||
swprintf_s(buf, ARRAY_SIZE(buf),
|
||||
L"The %hs extension doesn't appear to be available on your computer."
|
||||
L" The game may still work, though - you are welcome to try at your own risk."
|
||||
L" If not or it doesn't look right, upgrade your graphics card.";
|
||||
swprintf_s(buf, ARRAY_SIZE(buf), fmt, missing);
|
||||
L" If not or it doesn't look right, upgrade your graphics card.",
|
||||
missing
|
||||
);
|
||||
DEBUG_DISPLAY_ERROR(buf);
|
||||
// TODO: i18n
|
||||
}
|
||||
|
@ -238,7 +238,7 @@ void CSelectedEntities::RenderOverlays()
|
||||
glColor4f( 1.0f, 1.0f, 1.0f, 1.0f );
|
||||
glTranslatef( x, g_Renderer.GetHeight() - y, 0.0f );
|
||||
glScalef( 1.0f, -1.0f, 1.0f );
|
||||
glwprintf( L"%d", (*it)->m_grouped );
|
||||
glwprintf( L"%ld", (*it)->m_grouped );
|
||||
|
||||
}
|
||||
}
|
||||
@ -262,7 +262,7 @@ void CSelectedEntities::RenderOverlays()
|
||||
glColor4f( 1.0f, 1.0f, 1.0f, 0.5f );
|
||||
glTranslatef( x, g_Renderer.GetHeight() - y, 0.0f );
|
||||
glScalef( 1.0f, -1.0f, 1.0f );
|
||||
glwprintf( L"%d", (*it)->m_grouped );
|
||||
glwprintf( L"%ld", (*it)->m_grouped );
|
||||
}
|
||||
|
||||
glDisable( GL_BLEND );
|
||||
|
@ -263,7 +263,7 @@ template<typename T, JSClass* ScriptType> JSBool CJSCollection<T, ScriptType>::T
|
||||
return( JS_FALSE ); // That's odd; we've lost the pointer.
|
||||
|
||||
wchar_t buffer[256];
|
||||
int len = swprintf_s( buffer, ARRAY_SIZE(buffer), L"[object Collection: %s: %d members]", ScriptType->name, set->size() );
|
||||
int len = swprintf_s( buffer, ARRAY_SIZE(buffer), L"[object Collection: %hs: %ld members]", ScriptType->name, set->size() );
|
||||
buffer[255] = 0;
|
||||
if (len < 0 || len > 255) len=255;
|
||||
utf16string u16str(buffer, buffer+len);
|
||||
|
@ -117,7 +117,7 @@ JSBool WriteLog(JSContext* cx, JSObject*, uintN argc, jsval* argv, jsval* rval)
|
||||
}
|
||||
}
|
||||
|
||||
LOG(CLogger::Normal, LOG_CATEGORY, logMessage.c_str());
|
||||
LOG(CLogger::Normal, LOG_CATEGORY, L"%ls", logMessage.c_str());
|
||||
|
||||
*rval = JSVAL_TRUE;
|
||||
return JS_TRUE;
|
||||
|
@ -227,7 +227,7 @@ JSBool CProjectile::Construct( JSContext* cx, JSObject* UNUSED(obj), uintN argc,
|
||||
|
||||
fail:
|
||||
*rval = JSVAL_NULL;
|
||||
JS_ReportError( cx, err );
|
||||
JS_ReportError( cx, "%s", err );
|
||||
return( JS_TRUE );
|
||||
}
|
||||
|
||||
|
@ -298,7 +298,7 @@ bool CTechnology::LoadElEffect( XMBElement effect, CXeromyces& XeroFile, const V
|
||||
JSFunction* fn = JS_ValueToFunction( g_ScriptingHost.GetContext(), fnval );
|
||||
if( !fn )
|
||||
{
|
||||
LOG(CLogger::Error, LOG_CATEGORY, L"CTechnology::LoadXml: Function does not exist for %hs in file %ls. Load failed.", funcName.c_str(), pathname.string().c_str() );
|
||||
LOG(CLogger::Error, LOG_CATEGORY, L"CTechnology::LoadXml: Function does not exist for %ls in file %ls. Load failed.", CStrW(funcName).c_str(), pathname.string().c_str() );
|
||||
return false;
|
||||
}
|
||||
m_effectFunction.SetFunction( fn );
|
||||
|
Loading…
Reference in New Issue
Block a user