uhttpd: Fix multiple format string problems

After format string checks were activated in libubox the compiler started to complain about multiple missuses in uhttpd. This fixes the format strings without changing the behavior. blobmsg_get_string() just checks if the parameter is not NULL and then calls blobmsg_data() and casts the result. I think non of these problem is security relevant. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
author: Hauke Mehrtens <hauke@hauke-m.de> 2019-06-16 22:24:36 +0200
committer: Hauke Mehrtens <hauke@hauke-m.de> 2019-06-16 22:41:26 +0200
commit: 91fcac34ac014a565fdd6312de088d312b5ba7ec (patch)
tree: 3b7b812cdb229877f8c1bf11330abf620e7e39d0
parent: cdfc902a4cb77bc538a729f9e1c8a8578454a0e5 (diff)
download: uhttpd2-91fcac34ac014a565fdd6312de088d312b5ba7ec.tar.gz
3 files changed, 6 insertions, 5 deletions
diff --git a/proc.c b/proc.c
index 88ec31e..1d63d86 100644
--- a/proc.c
+++ b/proc.c
@@ -232,7 +232,8 @@ static void proc_handle_header_end(struct relay *r)
 	uloop_timeout_cancel(&p->timeout);
 	uh_http_header(cl, cl->dispatch.proc.status_code, cl->dispatch.proc.status_msg);
 	blob_for_each_attr(cur, cl->dispatch.proc.hdr.head, rem)
-		ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur), blobmsg_data(cur));
+		ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur),
+			       blobmsg_get_string(cur));
 
 	ustream_printf(cl->us, "\r\n");
 
diff --git a/ubus.c b/ubus.c
index f7d1f11..8cfbd97 100644
--- a/ubus.c
+++ b/ubus.c
@@ -144,11 +144,11 @@ static void uh_ubus_add_cors_headers(struct client *cl)
 	}
 
 	ustream_printf(cl->us, "Access-Control-Allow-Origin: %s\r\n",
-	               blobmsg_data(tb[HDR_ORIGIN]));
+	               blobmsg_get_string(tb[HDR_ORIGIN]));
 
 	if (tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])
 		ustream_printf(cl->us, "Access-Control-Allow-Headers: %s\r\n",
-		               blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
+		               blobmsg_get_string(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
 
 	ustream_printf(cl->us, "Access-Control-Allow-Methods: POST, OPTIONS\r\n");
 	ustream_printf(cl->us, "Access-Control-Allow-Credentials: true\r\n");
diff --git a/utils.c b/utils.c
index d990d7d..142a410 100644
--- a/utils.c
+++ b/utils.c
@@ -47,7 +47,7 @@ void uh_chunk_write(struct client *cl, const void *data, int len)
 		ustream_printf(cl->us, "%X\r\n", len);
 	ustream_write(cl->us, data, len, true);
 	if (chunked)
-		ustream_printf(cl->us, "\r\n", len);
+		ustream_printf(cl->us, "\r\n");
 }
 
 void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
@@ -74,7 +74,7 @@ void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
 		ustream_write(cl->us, buf, len, true);
 	else
 		ustream_vprintf(cl->us, format, arg);
-	ustream_printf(cl->us, "\r\n", len);
+	ustream_printf(cl->us, "\r\n");
 }
 
 void uh_chunk_printf(struct client *cl, const char *format, ...)
author	Hauke Mehrtens <hauke@hauke-m.de>	2019-06-16 22:24:36 +0200
committer	Hauke Mehrtens <hauke@hauke-m.de>	2019-06-16 22:41:26 +0200
commit	91fcac34ac014a565fdd6312de088d312b5ba7ec (patch)
tree	3b7b812cdb229877f8c1bf11330abf620e7e39d0
parent	cdfc902a4cb77bc538a729f9e1c8a8578454a0e5 (diff)
download	uhttpd2-91fcac34ac014a565fdd6312de088d312b5ba7ec.tar.gz