Make sure Exceptions do not use unsafe format strings
diff --git a/common/rdr/Exception.h b/common/rdr/Exception.h
index f533dcc..62f452b 100644
--- a/common/rdr/Exception.h
+++ b/common/rdr/Exception.h
@@ -43,15 +43,15 @@
};
struct TimedOut : public Exception {
- TimedOut(const char* s="Timed out") : Exception(s) {}
+ TimedOut(const char* s="Timed out") : Exception("%s", s) {}
};
struct EndOfStream : public Exception {
- EndOfStream(const char* s="End of stream") : Exception(s) {}
+ EndOfStream(const char* s="End of stream") : Exception("%s", s) {}
};
struct FrameException : public Exception {
- FrameException(const char* s="Frame exception") : Exception(s) {}
+ FrameException(const char* s="Frame exception") : Exception("%s", s) {}
};
}
diff --git a/common/rdr/FileInStream.cxx b/common/rdr/FileInStream.cxx
index 18a9169..6d23aa2 100644
--- a/common/rdr/FileInStream.cxx
+++ b/common/rdr/FileInStream.cxx
@@ -72,7 +72,7 @@
size_t n = fread((U8 *)end, b + sizeof(b) - end, 1, file);
if (n < 1) {
if (n < 0 || ferror(file))
- throw Exception(strerror(errno));
+ throw SystemException("fread", errno);
if (feof(file))
throw EndOfStream();
if (n == 0) { return 0; }
diff --git a/common/rdr/TLSException.cxx b/common/rdr/TLSException.cxx
index 3d39d79..bf8e97a 100644
--- a/common/rdr/TLSException.cxx
+++ b/common/rdr/TLSException.cxx
@@ -34,15 +34,8 @@
#ifdef HAVE_GNUTLS
TLSException::TLSException(const char* s, int err_)
- : Exception(s), err(err_)
+ : Exception("%s: %s (%d)", s, gnutls_strerror(err), err), err(err_)
{
- strncat(str_, ": ", len-1-strlen(str_));
- strncat(str_, gnutls_strerror(err), len-1-strlen(str_));
- strncat(str_, " (", len-1-strlen(str_));
- char buf[20];
- sprintf(buf,"%d",err);
- strncat(str_, buf, len-1-strlen(str_));
- strncat(str_, ")", len-1-strlen(str_));
}
#endif /* HAVE_GNUTLS */