From 47f7ca6c31985b6c1e069f0158bdb72e65a94903 Mon Sep 17 00:00:00 2001 From: Johannes Bauer Date: Sat, 26 Jun 2021 22:48:33 +0200 Subject: [PATCH] Fix numerous log format issues We had not declared function attributes that check the format syntax; this led to a number of issues that remained undetected. Fixed. --- file_encryption.c | 2 +- keydb.c | 8 ++++---- log.c | 4 ++-- log.h | 2 +- server.c | 6 +++--- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/file_encryption.c b/file_encryption.c index c3eb515..cdbdbb8 100644 --- a/file_encryption.c +++ b/file_encryption.c @@ -298,7 +298,7 @@ struct decrypted_file_t read_encrypted_file(const char *filename, passphrase_cal /* Check if the file is long enough to be an encrypted file */ const unsigned int encrypted_file_size = statbuf.st_size; if (encrypted_file_size < sizeof(struct encrypted_file_t)) { - log_msg(LLVL_ERROR, "%s: too small to be encrypted file (%u bytes)", encrypted_file_size); + log_msg(LLVL_ERROR, "%s: too small to be encrypted file (%u bytes)", filename, encrypted_file_size); result.success = false; break; } diff --git a/keydb.c b/keydb.c index 465ab77..32c7839 100644 --- a/keydb.c +++ b/keydb.c @@ -184,7 +184,7 @@ bool keydb_del_host_by_name(struct keydb_t **keydb, const char *host_name) { int host_index = keydb_get_host_index(old_keydb, host); if (host_index < 0) { - log_msg(LLVL_FATAL, "Fatal error determining host index of \"%s\" for host \"%s\".", host_name); + log_msg(LLVL_FATAL, "Fatal error determining host index for hostname \"%s\".", host_name); return false; } @@ -217,7 +217,7 @@ struct volume_entry_t* keydb_add_volume(struct host_entry_t *host, const char *d memcpy(volume->volume_uuid, volume_uuid, 16); strncpy(volume->devmapper_name, devmapper_name, sizeof(volume->devmapper_name) - 1); if (!buffer_randomize(volume->luks_passphrase_raw, sizeof(volume->luks_passphrase_raw))) { - log_msg(LLVL_ERROR, "Failed to produce %d bytes of entropy for LUKS passphrase.", sizeof(volume->luks_passphrase_raw)); + log_msg(LLVL_ERROR, "Failed to produce %ld bytes of entropy for LUKS passphrase.", sizeof(volume->luks_passphrase_raw)); return NULL; } host->volume_count++; @@ -274,14 +274,14 @@ struct keydb_t* keydb_read(const char *filename) { struct keydb_t *keydb = (struct keydb_t*)decrypted_file.data; if (keydb->keydb_version != KEYDB_VERSION) { - log_msg(LLVL_ERROR, "keydb in %s could be read, but is of version %u (we expected %u).", keydb->keydb_version, KEYDB_VERSION); + log_msg(LLVL_ERROR, "keydb in %s could be read, but is of version %u (we expected %u).", filename, keydb->keydb_version, KEYDB_VERSION); OPENSSL_cleanse(decrypted_file.data, decrypted_file.data_length); free(decrypted_file.data); return NULL; } if (decrypted_file.data_length != keydb_getsize(keydb)) { - log_msg(LLVL_ERROR, "keydb in %s could be read, but was %u bytes long (we expected %u).", decrypted_file.data_length, keydb_getsize(keydb)); + log_msg(LLVL_ERROR, "keydb in %s could be read, but was %u bytes long (we expected %u).", filename, decrypted_file.data_length, keydb_getsize(keydb)); OPENSSL_cleanse(decrypted_file.data, decrypted_file.data_length); free(decrypted_file.data); return NULL; diff --git a/log.c b/log.c index af19ea0..7c5f750 100644 --- a/log.c +++ b/log.c @@ -57,7 +57,7 @@ bool should_log(enum loglvl_t level) { return level <= current_loglvl; } -void log_msg(enum loglvl_t level, const char *msg, ...) { +void __attribute__ ((format (printf, 2, 3))) log_msg(enum loglvl_t level, const char *msg, ...) { if (!should_log(level)) { /* Suppress message */ return; @@ -94,7 +94,7 @@ static int log_openssl_error_callback(const char *msg, size_t len, void *vlvlptr truncate_crlf(msgcopy); enum loglvl_t* levelptr = (enum loglvl_t*)vlvlptr; - log_msg(*levelptr, msgcopy); + log_msg(*levelptr, "%s", msgcopy); return 0; } diff --git a/log.h b/log.h index 903097d..8817aae 100644 --- a/log.h +++ b/log.h @@ -38,7 +38,7 @@ enum loglvl_t { /*************** AUTO GENERATED SECTION FOLLOWS ***************/ void log_setlvl(enum loglvl_t level); bool should_log(enum loglvl_t level); -void log_msg(enum loglvl_t level, const char *msg, ...); +void __attribute__ ((format (printf, 2, 3))) log_msg(enum loglvl_t level, const char *msg, ...); void log_libc(enum loglvl_t level, const char *msg, ...); void log_openssl(enum loglvl_t level, const char *msg, ...); /*************** AUTO GENERATED SECTION ENDS ***************/ diff --git a/server.c b/server.c index 66ba886..3e80709 100644 --- a/server.c +++ b/server.c @@ -107,7 +107,7 @@ static int psk_server_callback(SSL *ssl, const unsigned char *identity, size_t i struct client_thread_ctx_t *ctx = (struct client_thread_ctx_t*)SSL_get_app_data(ssl); if (identity_len != ASCII_UUID_CHARACTER_COUNT) { - log_msg(LLVL_WARNING, "Received client identity of length %d, cannot be a UUID.", identity_len); + log_msg(LLVL_WARNING, "Received client identity of length %ld, cannot be a UUID.", identity_len); return 0; } @@ -115,7 +115,7 @@ static int psk_server_callback(SSL *ssl, const unsigned char *identity, size_t i memcpy(uuid_str, identity, ASCII_UUID_CHARACTER_COUNT); uuid_str[ASCII_UUID_CHARACTER_COUNT] = 0; if (!is_valid_uuid(uuid_str)) { - log_msg(LLVL_WARNING, "Received client identity of length %d, but not a valid UUID.", identity_len); + log_msg(LLVL_WARNING, "Received client identity of length %ld, but not a valid UUID.", identity_len); return 0; } @@ -175,7 +175,7 @@ static void client_handler_thread(void *vctx) { int txlen = SSL_write(ssl, &msgs, sizeof(msgs)); OPENSSL_cleanse(&msgs, sizeof(msgs)); if (txlen != (long)sizeof(msgs)) { - log_msg(LLVL_WARNING, "Tried to send message of %d bytes, but sent %d. Severing connection to client.", sizeof(msgs), txlen); + log_msg(LLVL_WARNING, "Tried to send message of %ld bytes, but sent %d. Severing connection to client.", sizeof(msgs), txlen); } } else { log_msg(LLVL_FATAL, "Client connected, but no host set.");