diff options
| author | Nick Kralevich <nnk@google.com> | 2012-02-23 13:04:26 -0800 |
|---|---|---|
| committer | Nick Kralevich <nnk@google.com> | 2012-02-23 14:50:29 -0800 |
| commit | c2b26cb83d9bf3f91e986625efcc40fc8eb79a13 (patch) | |
| tree | b7e558b58713fd3d81c961d248000ca7adf20091 | |
| parent | 0a379691e04700b3b44948450b1e3db92ef2ec01 (diff) | |
| download | netd-c2b26cb83d9bf3f91e986625efcc40fc8eb79a13.tar.gz | |
BandwidthController: fix format string bugs
In 876666947664c718a8d0cae9bbddb06cc91f912c, a new %s
was added to ALERT_IPT_TEMPLATE. Not all users of this string
were updated.
This change modifies ALERT_IPT_TEMPLATE to be a #define, which
allows gcc's format string detection work.
Add -Werror=format to error out on any string format warning.
Testing: Code compiles. I don't know how to test this change
properly.
Bug: 5948299
Change-Id: I0ec307972e6bf50abd8ba099166c22069a6c6580
| -rw-r--r-- | Android.mk | 2 | ||||
| -rw-r--r-- | BandwidthController.cpp | 13 | ||||
| -rw-r--r-- | BandwidthController.h | 1 |
3 files changed, 7 insertions, 9 deletions
@@ -34,7 +34,7 @@ LOCAL_C_INCLUDES := $(KERNEL_HEADERS) \ bionic/libc/private \ $(call include-path-for, libhardware_legacy)/hardware_legacy -LOCAL_CFLAGS := +LOCAL_CFLAGS := -Werror=format LOCAL_SHARED_LIBRARIES := libstlport libsysutils libcutils libnetutils \ libcrypto libhardware_legacy diff --git a/BandwidthController.cpp b/BandwidthController.cpp index f66df0a4..b91a7c69 100644 --- a/BandwidthController.cpp +++ b/BandwidthController.cpp @@ -48,7 +48,7 @@ extern "C" int system_nosh(const char *command); #include "oem_iptables_hook.h" /* Alphabetical */ -const char BandwidthController::ALERT_IPT_TEMPLATE[] = "%s %s %s -m quota2 ! --quota %lld --name %s"; +#define ALERT_IPT_TEMPLATE "%s %s %s -m quota2 ! --quota %lld --name %s" const int BandwidthController::ALERT_RULE_POS_IN_COSTLY_CHAIN = 4; const char BandwidthController::ALERT_GLOBAL_NAME[] = "globalAlert"; const char BandwidthController::IP6TABLES_PATH[] = "/system/bin/ip6tables"; @@ -694,12 +694,12 @@ int BandwidthController::runIptablesAlertCmd(IptOp op, const char *alertName, in ifaceLimiting = "! -i lo+"; asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, ifaceLimiting, opFlag, "INPUT", - bytes, alertName, alertName); + bytes, alertName); res |= runIpxtablesCmd(alertQuotaCmd, IptRejectNoAdd); free(alertQuotaCmd); ifaceLimiting = "! -o lo+"; asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, ifaceLimiting, opFlag, "OUTPUT", - bytes, alertName, alertName); + bytes, alertName); res |= runIpxtablesCmd(alertQuotaCmd, IptRejectNoAdd); free(alertQuotaCmd); return res; @@ -726,7 +726,7 @@ int BandwidthController::runIptablesAlertFwdCmd(IptOp op, const char *alertName, ifaceLimiting = "! -i lo+"; asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, ifaceLimiting, opFlag, "FORWARD", - bytes, alertName, alertName); + bytes, alertName); res = runIpxtablesCmd(alertQuotaCmd, IptRejectNoAdd); free(alertQuotaCmd); return res; @@ -882,8 +882,7 @@ int BandwidthController::setCostlyAlert(const char *costName, int64_t bytes, int res = updateQuota(alertName, *alertBytes); } else { asprintf(&chainNameAndPos, "costly_%s %d", costName, ALERT_RULE_POS_IN_COSTLY_CHAIN); - asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, "-I", chainNameAndPos, bytes, alertName, - alertName); + asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, "", "-I", chainNameAndPos, bytes, alertName); res |= runIpxtablesCmd(alertQuotaCmd, IptRejectNoAdd); free(alertQuotaCmd); free(chainNameAndPos); @@ -906,7 +905,7 @@ int BandwidthController::removeCostlyAlert(const char *costName, int64_t *alertB } asprintf(&chainName, "costly_%s", costName); - asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, "-D", chainName, *alertBytes, alertName, alertName); + asprintf(&alertQuotaCmd, ALERT_IPT_TEMPLATE, "", "-D", chainName, *alertBytes, alertName); res |= runIpxtablesCmd(alertQuotaCmd, IptRejectNoAdd); free(alertQuotaCmd); free(chainName); diff --git a/BandwidthController.h b/BandwidthController.h index 1aa19e5e..2b4cecb2 100644 --- a/BandwidthController.h +++ b/BandwidthController.h @@ -152,7 +152,6 @@ private: static const char *IPT_BASIC_ACCOUNTING_COMMANDS[]; /* Alphabetical */ - static const char ALERT_IPT_TEMPLATE[]; static const int ALERT_RULE_POS_IN_COSTLY_CHAIN; static const char ALERT_GLOBAL_NAME[]; static const char IP6TABLES_PATH[]; |