Dmitry V. Levin on Sat, 27 Sep 2003 17:02:39 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[tcptra-dev] I: [PATCH] tcptraceroute-1.5beta5: format fixes


Greetings!

I'd recommend to add gcc attributes to functions which deserve it.
This may help to avoid format bugs.
Hopefully these two have no security implications.

Proposed patch (should be quite portable) is attached.


--
ldv
--- tcptraceroute-1.5beta5/tcptraceroute.c.orig	2003-07-03 23:56:41 +0400
+++ tcptraceroute-1.5beta5/tcptraceroute.c	2003-09-27 14:05:12 +0400
@@ -188,6 +188,16 @@
 	{	-1,					-1,		NULL			}
 };
 
+/* GCC attributes */
+#if !defined(__GNUC__) || __GNUC__ < 2 || \
+    (__GNUC__ == 2 && __GNUC_MINOR__ < 5) || __STRICT_ANSI__
+# define NORETURN
+# define FORMAT(x)
+#else /* GNU C: */
+# define NORETURN __attribute__ ((__noreturn__))
+# define FORMAT(x) __attribute__ ((__format__ x))
+#endif
+
 /* Various globals */
 u_long dst_ip, src_ip;
 u_short src_prt, dst_prt;
@@ -238,7 +248,8 @@
  * namp.  debug() and warn() are based on them.
  */
 
-void fatal(char *fmt, ...)
+void NORETURN FORMAT ((__printf__, 1, 2))
+fatal(char *fmt, ...)
 {
 	va_list ap;
 	fflush(stdout);
@@ -248,7 +259,8 @@
 	exit(1);
 }
 
-void debug(char *fmt, ...)
+void FORMAT ((__printf__, 1, 2))
+debug(char *fmt, ...)
 {
 	va_list ap;
 	if (! o_debug) return;
@@ -260,7 +272,8 @@
 	fflush(stderr);
 }
 
-void warn(char *fmt, ...)
+void FORMAT ((__printf__, 1, 2))
+warn(char *fmt, ...)
 {
 	va_list ap;
 	fflush(stdout);
@@ -271,7 +284,8 @@
 	fflush(stderr);
 }
 
-void pfatal(char *err)
+void NORETURN
+pfatal(char *err)
 {
 	debug("errno == %d\n", errno);
 	fflush(stdout);
@@ -279,13 +293,19 @@
 	exit(1);
 }
 
-void usage(void)
+void NORETURN
+usage(void)
 {
 	printf("\n%s %s\n%s\n", PACKAGE, VERSION, BANNER);
-    fatal("Usage: %s [-nNFSAE] [-i <interface>] [-f <first ttl>]\n       [-l <packet length>] [-q <number of queries>] [-t <tos>]\n       [-m <max ttl>] [-pP] <source port>] [-s <source address>]\n       [-w <wait time>] <host> [destination port] [packet length]\n\n", name);
+	fatal(
+"Usage: %s [-nNFSAE] [-i <interface>] [-f <first ttl>]\n"
+"       [-l <packet length>] [-q <number of queries>] [-t <tos>]\n"
+"       [-m <max ttl>] [-pP] <source port>] [-s <source address>]\n"
+"       [-w <wait time>] <host> [destination port] [packet length]\n\n", name);
 }
 
-void about(void)
+void NORETURN
+about(void)
 {
 	printf("\n%s %s\n%s\n", PACKAGE, VERSION, BANNER);
 	exit(0);
@@ -322,7 +342,8 @@
 	return strncpy(dst, src, size-1);
 }
 
-int safe_snprintf(char *s, int size, char *fmt, ...)
+int FORMAT ((__printf__, 3, 4))
+safe_snprintf(char *s, int size, char *fmt, ...)
 {
 	va_list ap;
 	int ret;
@@ -991,7 +1012,7 @@
 	}
 
 	if (device == NULL)
-		fatal("Could not determine device via pcap_lookupdev(): %\n", errbuf);
+		fatal("Could not determine device via pcap_lookupdev(): %s\n", errbuf);
 
 	if ((pcap = pcap_open_live(device, 0, 0, 0, errbuf)) == NULL)
 		fatal("error opening device %s: %s\n", device, errbuf);
@@ -1409,7 +1430,7 @@
 
 		if (len > SNAPLEN)
 		{
-			debug("Packet received is larger than our snaplen?  Ignoring\n", SNAPLEN);
+			debug("Packet received is larger than our snaplen (%d)?  Ignoring\n", SNAPLEN);
 			continue;
 		}
 

Attachment: pgp4CFwS7QPEr.pgp
Description: PGP signature