From 430212ffab5fdf39bc9ac0050c03b3f3a57a631f Mon Sep 17 00:00:00 2001
From: "Yann E. MORIN\"" <yann.morin.1998@anciens.enib.fr>
Date: Mon, 11 Jul 2011 00:15:00 +0200
Subject: scripts/xldd: don't pass random format to printf

Although proabaly inoffensive in our case, do not pass un-checked
formats to printf.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@anciens.enib.fr>

diff --git a/scripts/xldd.in b/scripts/xldd.in
index a0df094..bcc5504 100755
--- a/scripts/xldd.in
+++ b/scripts/xldd.in
@@ -210,7 +210,7 @@ do_find_needed() {
     local base
     local d i
 
-    do_trace "Searching for '${needed}'\n"
+    do_trace "Searching for '%s'\n" "${needed}"
 
     # rpath shall come first!
     list=(                      \
@@ -228,7 +228,7 @@ do_find_needed() {
             dirs=( "${needed_search_path[@]}" )
         fi
         for d in "${dirs[@]}"; do
-            do_trace "-> looking in '${d}' (${where})\n"
+            do_trace "-> looking in '%s' (%s)\n" "${d}" "${where}"
             if [ -f "${base}${d}/${needed}" ]; then
                 found="${d}/${needed}"
                 do_trace "---> found\n"
@@ -244,7 +244,7 @@ do_find_needed() {
         printf "%8s%s not found\n" "" "${needed}"
     fi
 
-    do_trace "Done searching for '${needed}'\n"
+    do_trace "Done searching for '%s'\n" "${needed}"
 }
 
 # Scan a file for all NEEDED tags
@@ -254,19 +254,19 @@ do_process_file() {
     local n m
     local found
 
-    do_trace "Parsing file '${file}'\n"
+    do_trace "Parsing file '%s'\n" "${file}"
 
     save_search_rpath=( "${search_rpath[@]}" )
     for n in $( "${readelf}" -d "${file}"                                           \
                 |"${grep}" -E '\((RPATH|RUNPATH)\)'                                 \
                 |"${sed}" -r -e 's/^.*Library r(|un)path:[[:space:]]+\[(.*)\]$/\2/;'\
               ); do
-        do_trace "-> adding rpath '${n}'\n"
+        do_trace "-> adding rpath '%s'\n" "${n}"
         search_rpath+=( "${n}" )
     done
     do_trace ": search path:\n"
     for n in "${search_rpath[@]}" "${needed_search_path[@]}"; do
-        do_trace ": - '${n}'\n"
+        do_trace ": - '%s'\n" "${n}"
     done
     do_trace ": end search path"
 
@@ -279,18 +279,18 @@ do_process_file() {
             [ "${n}" = "${m}" ] && found=1 && break
         done
         if [ ${found} -ne 0 ]; then
-            do_trace "-> skipping already known dependency '${n}'\n"
+            do_trace "-> skipping already known dependency '%s'\n" "${n}"
             continue
         fi
-        do_trace "-> handling new dependency '${n}'\n"
+        do_trace "-> handling new dependency '%s'\n" "${n}"
         needed_list+=( "${n}" )
         do_find_needed "${n}"
-        do_trace "-> done handling dependency '${n}'\n"
+        do_trace "-> done handling dependency '%s'\n" "${n}"
     done
 
     search_rpath=( "${save_search_rpath[@]}" )
 
-    do_trace "Finished parsing file '${file}'\n"
+    do_trace "Finished parsing file '%s'\n" "${file}"
 }
 
 # Recursively scan a /etc/ld.so.conf file
@@ -300,28 +300,28 @@ do_scan_etc_ldsoconf() {
     local f
 
     [ -f "${ldsoconf}" ] || return 0
-    do_trace "Parsing ld.so.conf: '${ldsoconf}'\n"
+    do_trace "Parsing ld.so.conf: '%s'\n" "${ldsoconf}"
 
     while read line; do
         case "${line}" in
             include\ *)
                 g="${root}${line#include }"
-                do_trace "-> handling include directive '${g}'\n"
+                do_trace "-> handling include directive '%s'\n" "${g}"
                 for f in ${g}; do
                     do_scan_etc_ldsoconf "${f}"
                 done
-                do_trace "-> finished handling include directive '${g}'\n"
+                do_trace "-> finished handling include directive '%s'\n" "${g}"
                 ;;
             \#*|"")
                 ;;
             *)
-                do_trace "-> adding search dir '${line}'\n"
+                do_trace "-> adding search dir '%s'\n" "${line}"
                 needed_search_path+=( "${line}" )
                 ;;
         esac
     done <"${ldsoconf}"
 
-    do_trace "Finished parsing ld.so.conf: '${ldsoconf}'\n"
+    do_trace "Finished parsing ld.so.conf: '%s'\n" "${ldsoconf}"
 }
 
 # Build up the full list of search directories
@@ -331,7 +331,7 @@ ld_library_path="${ld_library_path}:"
 while [ -n "${ld_library_path}" ]; do
     d="${ld_library_path%%:*}"
     if [ -n "${d}" ]; then
-        do_trace "-> adding search dir '${d}'\n"
+        do_trace "-> adding search dir '%s'\n" "${d}"
         needed_search_path+=( "${d}" )
     fi
     ld_library_path="${ld_library_path#*:}"
@@ -342,11 +342,11 @@ do_scan_etc_ldsoconf "${root}/etc/ld.so.conf"
 do_trace "Done scanning '/etc/ld.so.conf'\n"
 do_trace "Search path:\n"
 for p in "${needed_search_path[@]}"; do
-    do_trace "-> '${p}'\n"
+    do_trace "-> '%s'\n" "${p}"
 done
 
 declare -a needed_list
 declare -a search_rpath
-do_trace "Scanning file '${1}'\n"
+do_trace "Scanning file '%s'\n" "${1}"
 do_process_file "${1}"
-do_trace "Done scanning file '${1}'\n"
+do_trace "Done scanning file '%s'\n" "${1}"
-- 
cgit v0.10.2-6-g49f6