From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sun, 16 Jun 2019 20:24:36 +0000 (+0200)
Subject: uhttpd: Fix multiple format string problems
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=91fcac34ac014a565fdd6312de088d312b5ba7ec;p=oweals%2Fuhttpd.git

uhttpd: Fix multiple format string problems

After format string checks were activated in libubox the compiler
started to complain about multiple missuses in uhttpd. This fixes the
format strings without changing the behavior.

blobmsg_get_string() just checks if the parameter is not NULL and then
calls blobmsg_data() and casts the result.

I think non of these problem is security relevant.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---

diff --git a/proc.c b/proc.c
index 88ec31e..1d63d86 100644
--- a/proc.c
+++ b/proc.c
@@ -232,7 +232,8 @@ static void proc_handle_header_end(struct relay *r)
 	uloop_timeout_cancel(&p->timeout);
 	uh_http_header(cl, cl->dispatch.proc.status_code, cl->dispatch.proc.status_msg);
 	blob_for_each_attr(cur, cl->dispatch.proc.hdr.head, rem)
-		ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur), blobmsg_data(cur));
+		ustream_printf(cl->us, "%s: %s\r\n", blobmsg_name(cur),
+			       blobmsg_get_string(cur));
 
 	ustream_printf(cl->us, "\r\n");
 
diff --git a/ubus.c b/ubus.c
index f7d1f11..8cfbd97 100644
--- a/ubus.c
+++ b/ubus.c
@@ -144,11 +144,11 @@ static void uh_ubus_add_cors_headers(struct client *cl)
 	}
 
 	ustream_printf(cl->us, "Access-Control-Allow-Origin: %s\r\n",
-	               blobmsg_data(tb[HDR_ORIGIN]));
+	               blobmsg_get_string(tb[HDR_ORIGIN]));
 
 	if (tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])
 		ustream_printf(cl->us, "Access-Control-Allow-Headers: %s\r\n",
-		               blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
+		               blobmsg_get_string(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
 
 	ustream_printf(cl->us, "Access-Control-Allow-Methods: POST, OPTIONS\r\n");
 	ustream_printf(cl->us, "Access-Control-Allow-Credentials: true\r\n");
diff --git a/utils.c b/utils.c
index d990d7d..142a410 100644
--- a/utils.c
+++ b/utils.c
@@ -47,7 +47,7 @@ void uh_chunk_write(struct client *cl, const void *data, int len)
 		ustream_printf(cl->us, "%X\r\n", len);
 	ustream_write(cl->us, data, len, true);
 	if (chunked)
-		ustream_printf(cl->us, "\r\n", len);
+		ustream_printf(cl->us, "\r\n");
 }
 
 void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
@@ -74,7 +74,7 @@ void uh_chunk_vprintf(struct client *cl, const char *format, va_list arg)
 		ustream_write(cl->us, buf, len, true);
 	else
 		ustream_vprintf(cl->us, format, arg);
-	ustream_printf(cl->us, "\r\n", len);
+	ustream_printf(cl->us, "\r\n");
 }
 
 void uh_chunk_printf(struct client *cl, const char *format, ...)