security/libssh2: avoid printf %n

Fri, 10 Sep 2021 12:30:32 -0700 

./security/libssh2.log:subsystem_netconf.c:267:17: warning: '%n' format 
specifier support is deactivated and will call abort(3)
./security/libssh2.log:subsystem_netconf.c:285:17: warning: '%n' format 
specifier support is deactivated and will call abort(3)

This is in example code that isn't actually installed.  We should
still fix it so we don't have to filter the warning, though.

The old code is also broken, as it passes a pointer to a variable
of a different size (on LP64).

There is no check for truncation, but buf[] is 1MB in size, so I
didn't add one.

OK?

Index: patches/patch-example_subsystem_netconf_c
===================================================================
RCS file: patches/patch-example_subsystem_netconf_c
diff -N patches/patch-example_subsystem_netconf_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-example_subsystem_netconf_c   10 Sep 2021 19:20:13 -0000
@@ -0,0 +1,37 @@
+$OpenBSD$
+
+Index: example/subsystem_netconf.c
+--- example/subsystem_netconf.c.orig
++++ example/subsystem_netconf.c
+@@ -257,14 +257,14 @@ int main(int argc, char *argv[])
+     /* NETCONF: https://tools.ietf.org/html/draft-ietf-netconf-ssh-06 */
+ 
+     fprintf(stderr, "Sending NETCONF client <hello>\n");
+-    snprintf(buf, sizeof(buf),
++    len = snprintf(buf, sizeof(buf),
+       "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+       "<hello>"
+       "<capabilities>"
+       "<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>"
+       "</capabilities>"
+       "</hello>\n"
+-      "]]>]]>\n%n", (int *)&len);
++      "]]>]]>\n");
+     if(-1 == netconf_write(channel, buf, len))
+         goto shutdown;
+ 
+@@ -277,12 +277,12 @@ int main(int argc, char *argv[])
+             (int)len, buf);
+ 
+     fprintf(stderr, "Sending NETCONF <rpc>\n");
+-    snprintf(buf, sizeof(buf),
++    len = snprintf(buf, sizeof(buf),
+       "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
+       "<rpc xmlns=\"urn:ietf:params:xml:ns:netconf:base:1.0\">"
+       "<get-interface-information><terse/></get-interface-information>"
+       "</rpc>\n"
+-      "]]>]]>\n%n", (int *)&len);
++      "]]>]]>\n");
+     if(-1 == netconf_write(channel, buf, len))
+         goto shutdown;
+ 
-- 
Christian "naddy" Weisgerber                          na...@mips.inka.de

Reply via email to