Make sure Exceptions do not use unsafe format strings
diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx
index e0a23b5..8ccd948 100644
--- a/common/rfb/CConnection.cxx
+++ b/common/rfb/CConnection.cxx
@@ -97,12 +97,11 @@
// The only official RFB protocol versions are currently 3.3, 3.7 and 3.8
if (cp.beforeVersion(3,3)) {
- char msg[256];
- sprintf(msg,"Server gave unsupported RFB protocol version %d.%d",
- cp.majorVersion, cp.minorVersion);
- vlog.error("%s", msg);
+ vlog.error("Server gave unsupported RFB protocol version %d.%d",
+ cp.majorVersion, cp.minorVersion);
state_ = RFBSTATE_INVALID;
- throw Exception(msg);
+ throw Exception("Server gave unsupported RFB protocol version %d.%d",
+ cp.majorVersion, cp.minorVersion);
} else if (useProtocol3_3 || cp.beforeVersion(3,7)) {
cp.setVersion(3,3);
} else if (cp.afterVersion(3,8)) {
diff --git a/common/rfb/Exception.h b/common/rfb/Exception.h
index 7c2cbca..5f47fcf 100644
--- a/common/rfb/Exception.h
+++ b/common/rfb/Exception.h
@@ -24,14 +24,15 @@
typedef rdr::Exception Exception;
struct AuthFailureException : public Exception {
AuthFailureException(const char* s="Authentication failure")
- : Exception(s) {}
+ : Exception("%s", s) {}
};
struct AuthCancelledException : public rfb::Exception {
AuthCancelledException(const char* s="Authentication cancelled")
- : Exception(s) {}
+ : Exception("%s", s) {}
};
struct ConnFailedException : public Exception {
- ConnFailedException(const char* s="Connection failed") : Exception(s) {}
+ ConnFailedException(const char* s="Connection failed")
+ : Exception("%s", s) {}
};
}
#endif
diff --git a/common/rfb/JpegCompressor.cxx b/common/rfb/JpegCompressor.cxx
index c19af34..5df0039 100644
--- a/common/rfb/JpegCompressor.cxx
+++ b/common/rfb/JpegCompressor.cxx
@@ -123,7 +123,7 @@
if(setjmp(err->jmpBuffer)) {
// this will execute if libjpeg has an error
- throw rdr::Exception(err->lastError);
+ throw rdr::Exception("%s", err->lastError);
}
jpeg_create_compress(cinfo);
@@ -166,7 +166,7 @@
jpeg_abort_compress(cinfo);
if (srcBufIsTemp && srcBuf) delete[] srcBuf;
if (rowPointer) delete[] rowPointer;
- throw rdr::Exception(err->lastError);
+ throw rdr::Exception("%s", err->lastError);
}
cinfo->image_width = w;
diff --git a/common/rfb/JpegDecompressor.cxx b/common/rfb/JpegDecompressor.cxx
index ca1ad22..70a4276 100644
--- a/common/rfb/JpegDecompressor.cxx
+++ b/common/rfb/JpegDecompressor.cxx
@@ -116,7 +116,7 @@
if(setjmp(err->jmpBuffer)) {
// this will execute if libjpeg has an error
- throw rdr::Exception(err->lastError);
+ throw rdr::Exception("%s", err->lastError);
}
jpeg_create_decompress(dinfo);
@@ -162,7 +162,7 @@
jpeg_abort_decompress(dinfo);
if (dstBufIsTemp && dstBuf) delete[] dstBuf;
if (rowPointer) delete[] rowPointer;
- throw rdr::Exception(err->lastError);
+ throw rdr::Exception("%s", err->lastError);
}
src->pub.next_input_byte = jpegBuf;