MODSIGN: fix a compilation warning in extract-cert
authorDavid Howells <dhowells@redhat.com>
Fri, 11 Sep 2015 20:07:36 +0000 (13:07 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 11 Sep 2015 22:21:34 +0000 (15:21 -0700)
Fix the following warning when compiling extract-cert:

  scripts/extract-cert.c: In function `write_cert':
  scripts/extract-cert.c:89:2: warning: format not a string literal and no format arguments [-Wformat-security]
    ERR(!i2d_X509_bio(wb, x509), cert_dst);
    ^

whereby the ERR() macro is taking cert_dst as the format string.  "%s"
should be used as the format string as the path could contain special
characters.

Signed-off-by: David Howells <dhowells@redhat.com>
Reported-by: Jim Davis <jim.epost@gmail.com>
Acked-by : David Woodhouse <david.woodhouse@intel.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
scripts/extract-cert.c

index fd0db015c65c271d807bb4b3b8dfc44db219c7e3..10d23ca9f6176c5ec9ea8ac71a909d3c39acee26 100644 (file)
@@ -86,7 +86,7 @@ static void write_cert(X509 *x509)
                ERR(!wb, "%s", cert_dst);
        }
        X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf));
-       ERR(!i2d_X509_bio(wb, x509), cert_dst);
+       ERR(!i2d_X509_bio(wb, x509), "%s", cert_dst);
        if (kbuild_verbose)
                fprintf(stderr, "Extracted cert: %s\n", buf);
 }