From 6bd501ca3d0196ac976d5648b6050a5cf0bccd78 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 15 Aug 2016 15:32:01 +0100 Subject: [PATCH 15/21] Reimplement _dbus_warn_return_if_fail without -Wformat-nonliteral We can avoid duplicating the format string between translation units, without the compiler warning us that it can't check non-literal format strings for format-string security vulnerabilities based on %p, by breaking out the "assertion failed" case into a slow-path. Signed-off-by: Simon McVittie Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97357 --- dbus/dbus-internals.c | 15 +++++++++++---- dbus/dbus-internals.h | 15 +++++++-------- dbus/dbus-server.c | 10 ++++------ 3 files changed, 22 insertions(+), 18 deletions(-) diff --git a/dbus/dbus-internals.c b/dbus/dbus-internals.c index 17bb39c..9e515da 100644 --- a/dbus/dbus-internals.c +++ b/dbus/dbus-internals.c @@ -944,10 +944,17 @@ _dbus_get_local_machine_uuid_encoded (DBusString *uuid_str, } #ifndef DBUS_DISABLE_CHECKS -/** String used in _dbus_return_if_fail macro */ -const char *_dbus_return_if_fail_warning_format = -"arguments to %s() were incorrect, assertion \"%s\" failed in file %s line %d.\n" -"This is normally a bug in some application using the D-Bus library.\n"; +void +_dbus_warn_return_if_fail (const char *function, + const char *assertion, + const char *file, + int line) +{ + _dbus_warn_check_failed ( + "arguments to %s() were incorrect, assertion \"%s\" failed in file %s line %d.\n" + "This is normally a bug in some application using the D-Bus library.\n", + function, assertion, file, line); +} #endif #ifndef DBUS_DISABLE_ASSERT diff --git a/dbus/dbus-internals.h b/dbus/dbus-internals.h index 7ec77e5..beff1e2 100644 --- a/dbus/dbus-internals.h +++ b/dbus/dbus-internals.h 
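Review bot: The new `_dbus_warn_return_if_fail` in dbus/dbus-internals.c has no doc comment, although the constant it replaces carried `/** String used in _dbus_return_if_fail macro */`. I would add a short `/** ... */` block above the definition covering three things. It is the slow path shared by `_dbus_return_if_fail` and `_dbus_return_val_if_fail`. Its `function`, `assertion` and `file` arguments are printed through `%s` and must be non-NULL strings. And `assertion` is always passed as data, so a stringified condition containing `%` is never read as a conversion specifier. That last property is what lets the `_DBUS_GNUC_PRINTF (1, 2)` check on `_dbus_warn_check_failed` apply to the now-literal format, so recording it guards against a later refactor folding the arguments back into the format string.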
@@ -42,7 +42,11 @@ void _dbus_warn (const char *format, DBUS_PRIVATE_EXPORT void _dbus_warn_check_failed (const char *format, ...) _DBUS_GNUC_PRINTF (1, 2); - +DBUS_PRIVATE_EXPORT +void _dbus_warn_return_if_fail (const char *function, + const char *assertion, + const char *file, + int line); #if defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) #define _DBUS_FUNCTION_NAME __func__ @@ -165,22 +169,17 @@ void _dbus_real_assert_not_reached (const char *explanation, #define _dbus_return_val_if_fail(condition, val) #else -DBUS_PRIVATE_EXPORT -extern const char *_dbus_return_if_fail_warning_format; - #define _dbus_return_if_fail(condition) do { \ _dbus_assert ((*(const char*)_DBUS_FUNCTION_NAME) != '_'); \ if (!(condition)) { \ - _dbus_warn_check_failed (_dbus_return_if_fail_warning_format, \ - _DBUS_FUNCTION_NAME, #condition, __FILE__, __LINE__); \ + _dbus_warn_return_if_fail (_DBUS_FUNCTION_NAME, #condition, __FILE__, __LINE__); \ return; \ } } while (0) #define _dbus_return_val_if_fail(condition, val) do { \ _dbus_assert ((*(const char*)_DBUS_FUNCTION_NAME) != '_'); \ if (!(condition)) { \ - _dbus_warn_check_failed (_dbus_return_if_fail_warning_format, \ - _DBUS_FUNCTION_NAME, #condition, __FILE__, __LINE__); \ + _dbus_warn_return_if_fail (_DBUS_FUNCTION_NAME, #condition, __FILE__, __LINE__); \ return (val); \ } } while (0) diff --git a/dbus/dbus-server.c b/dbus/dbus-server.c index 3adbd82..ea9aff2 100644 --- a/dbus/dbus-server.c +++ b/dbus/dbus-server.c @@ -704,9 +704,8 @@ dbus_server_ref (DBusServer *server) if (_DBUS_UNLIKELY (old_refcount <= 0)) { _dbus_atomic_dec (&server->refcount); - _dbus_warn_check_failed (_dbus_return_if_fail_warning_format, - _DBUS_FUNCTION_NAME, "old_refcount > 0", - __FILE__, __LINE__); + _dbus_warn_return_if_fail (_DBUS_FUNCTION_NAME, "old_refcount > 0", + __FILE__, __LINE__); return NULL; } #endif 
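Review bot: The prototype for `_dbus_warn_return_if_fail` is added beside `_dbus_warn_check_failed` in the `@@ -42,7 +42,11 @@` hunk with no `DBUS_DISABLE_CHECKS` guard visible, while its definition in dbus/dbus-internals.c sits inside `#ifndef DBUS_DISABLE_CHECKS`. If the declaration really is unconditional, a caller placed outside such a guard would compile and then fail only at link time in a checks-disabled build. Either wrap the declaration in the same `#ifndef DBUS_DISABLE_CHECKS` / `#endif` pair or add a comment such as `/* only defined when DBUS_DISABLE_CHECKS is not set */`. The header lines around this hunk are not shown, so this should be confirmed against the full file.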
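Review bot: In the `dbus_server_ref` hunk the assertion text `"old_refcount > 0"` is still typed by hand, separately from the `old_refcount <= 0` test that guards the call, and the same literal is repeated in the `dbus_server_unref` hunk that follows. Nothing ties the message to the condition, so a later change to either refcount check could leave a misleading diagnostic on the path that reports a reference-count misuse. A small file-local helper macro that takes the condition once and stringifies it would remove the duplication. At minimum, add a comment at both sites such as `/* message must match the old_refcount check above */`. Both function bodies start and end outside their hunks.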
@@ -746,9 +745,8 @@ dbus_server_unref (DBusServer *server) * Bug: https://bugs.freedesktop.org/show_bug.cgi?id=68303 */ _dbus_atomic_inc (&server->refcount); - _dbus_warn_check_failed (_dbus_return_if_fail_warning_format, - _DBUS_FUNCTION_NAME, "old_refcount > 0", - __FILE__, __LINE__); + _dbus_warn_return_if_fail (_DBUS_FUNCTION_NAME, "old_refcount > 0", + __FILE__, __LINE__); return; } #endif -- 2.9.3