From 7bd4114182fcc86cd2515708fdf4d76622e0237d Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Sun, 13 May 2012 14:03:17 +0200
Subject: Use gcc extensions to check varargs during compile

 * Add macros GNUC_PRINTF and GNUC_NULL_TERMINATED to check
   correct printf and NULL terminated style varargs
---
 common/compat.h   | 24 ++++++++++++++++++------
 p11-kit/conf.c    | 11 ++++++++---
 p11-kit/debug.h   |  4 +++-
 p11-kit/modules.c |  7 +++++--
 p11-kit/private.h |  4 +++-
 tests/Makefile.am |  1 +
 6 files changed, 38 insertions(+), 13 deletions(-)

diff --git a/common/compat.h b/common/compat.h
index b2774f1..6326430 100644
--- a/common/compat.h
+++ b/common/compat.h
@@ -37,6 +37,18 @@
 
 #include "config.h"
 
+#if !defined(__cplusplus) && (__GNUC__ > 2)
+#define GNUC_PRINTF(x, y) __attribute__((__format__(__printf__, x, y)))
+#else
+#define GNUC_PRINTF(x, y)
+#endif
+
+#if __GNUC__ >= 4
+#define GNUC_NULL_TERMINATED __attribute__((__sentinel__))
+#else
+#define GNUC_NULL_TERMINATED
+#endif
+
 #ifndef HAVE_GETPROGNAME
 const char * getprogname (void);
 #endif
@@ -49,17 +61,17 @@ const char * getprogname (void);
 #include <stdarg.h>
 void err_set_file (void *fp);
 void err_set_exit (void (*ef)(int));
-void err (int eval, const char *fmt, ...);
+void err (int eval, const char *fmt, ...) GNUC_PRINTF (2, 3);
 void verr (int eval, const char *fmt, va_list ap);
-void errc (int eval, int code, const char *fmt, ...);
+void errc (int eval, int code, const char *fmt, ...) GNUC_PRINTF (3, 4);
 void verrc (int eval, int code, const char *fmt, va_list ap);
-void errx (int eval, const char *fmt, ...);
+void errx (int eval, const char *fmt, ...) GNUC_PRINTF (2, 3);
 void verrx (int eval, const char *fmt, va_list ap);
-void warn (const char *fmt, ...);
+void warn (const char *fmt, ...) GNUC_PRINTF (1, 2);
 void vwarn (const char *fmt, va_list ap);
-void warnc (int code, const char *fmt, ...);
+void warnc (int code, const char *fmt, ...) GNUC_PRINTF (2, 3);
 void vwarnc (int code, const char *fmt, va_list ap);
-void warnx (const char *fmt, ...);
+void warnx (const char *fmt, ...) GNUC_PRINTF (1, 2);
 void vwarnx (const char *fmt, va_list ap);
 
 #endif /* !HAVE_ERR_H */
diff --git a/p11-kit/conf.c b/p11-kit/conf.c
index 5c09ff5..917ce4c 100644
--- a/p11-kit/conf.c
+++ b/p11-kit/conf.c
@@ -111,8 +111,13 @@ strequal (const char *one, const char *two)
 	return strcmp (one, two) == 0;
 }
 
-static char*
-strconcat (const char *first, ...)
+static char *
+strconcat (const char *first,
+           ...) GNUC_NULL_TERMINATED;
+
+static char *
+strconcat (const char *first,
+           ...)
 {
 	size_t length = 0;
 	const char *arg;
@@ -646,7 +651,7 @@ _p11_conf_parse_boolean (const char *string,
 		return 0;
 	} else {
 		_p11_message ("invalid setting '%s' defaulting to '%s'",
-		              default_value ? "yes" : "no");
+		              string, default_value ? "yes" : "no");
 		return default_value;
 	}
 }
diff --git a/p11-kit/debug.h b/p11-kit/debug.h
index e5b970e..7fa9854 100644
--- a/p11-kit/debug.h
+++ b/p11-kit/debug.h
@@ -35,6 +35,8 @@
 #ifndef DEBUG_H
 #define DEBUG_H
 
+#include "compat.h"
+
 /* Please keep this enum in sync with keys in debug.c */
 typedef enum {
 	DEBUG_LIB = 1 << 1,
@@ -49,7 +51,7 @@ void              _p11_debug_init                (void);
 
 void              _p11_debug_message             (int flag,
                                                   const char *format,
-                                                  ...);
+                                                  ...) GNUC_PRINTF (2, 3);
 
 #endif /* DEBUG_H */
 
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 0498708..5eb97fd 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -525,14 +525,17 @@ load_registered_modules_unlocked (void)
 		 * These variables will be cleared if ownership is transeferred
 		 * by the above function call.
 		 */
-		free (name);
 		_p11_hash_free (config);
 
 		if (critical && rv != CKR_OK) {
-			_p11_message ("aborting initializationg because module '%s' was marked as critical");
+			_p11_message ("aborting initialization because module '%s' was marked as critical",
+			              name);
 			_p11_hash_free (configs);
+			free (name);
 			return rv;
 		}
+
+		free (name);
 	}
 
 	_p11_hash_free (configs);
diff --git a/p11-kit/private.h b/p11-kit/private.h
index da9fbae..f2cd181 100644
--- a/p11-kit/private.h
+++ b/p11-kit/private.h
@@ -35,6 +35,7 @@
 #ifndef __P11_KIT_PRIVATE_H__
 #define __P11_KIT_PRIVATE_H__
 
+#include "compat.h"
 #include "pkcs11.h"
 #include "util.h"
 
@@ -53,7 +54,8 @@ typedef struct {
 
 #define       _p11_unlock()  _p11_mutex_unlock (&_p11_mutex);
 
-void          _p11_message                                      (const char* msg, ...);
+void          _p11_message                                      (const char* msg,
+                                                                 ...) GNUC_PRINTF (1, 2);
 
 p11_local *   _p11_library_get_thread_local                     (void);
 
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 711a3fb..28aa496 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,6 +1,7 @@
 
 INCLUDES = \
 	-I$(top_srcdir) \
+	-I$(top_srcdir)/common \
 	-I$(top_srcdir)/p11-kit \
 	-I$(srcdir)/cutest \
 	-DSRCDIR=\"$(srcdir)\" \
-- 
cgit v1.2.1