Secure logs format string

This patch makes compilers happy. Some of them complain,
if -werror=format-security flag was enabled about insecure format
string, that is created using stringstream.

This patch defines own format string "%s" if there are no additional
parameters except format string passed to LOGX macros.

The drawback of this solution is that usage of %m is not supported
if there are no additional arguments to LOG (beside format message).

Change-Id: I2d4ab5a07d170c85f162a5f59cb63ecbfb56fec6

diff --git a/packaging/cynara.spec b/packaging/cynara.spec
index e9e389c..0c724a3 100644 (file)
--- a/packaging/cynara.spec
+++ b/packaging/cynara.spec
@@ -208,10 +208,12 @@ export CXXFLAGS="$CXXFLAGS -DCYNARA_STATE_PATH=\\\"%{state_path}\\\" \
                            -DCYNARA_LIB_PATH=\\\"%{lib_path}\\\" \
                            -DCYNARA_TESTS_DIR=\\\"%{tests_dir}\\\" \
                            -DCYNARA_CONFIGURATION_DIR=\\\"%{conf_path}\\\""
+
 export LDFLAGS+="-Wl,--rpath=%{_libdir}"
 
 %cmake . \
         -DBUILD_TESTS=ON \
+        -DBUILD_WITH_SYSTEMD=ON \
         -DCMAKE_BUILD_TYPE=%{?build_type} \
         -DCMAKE_VERBOSE_MAKEFILE=ON \
         -DDB_FILES_SMACK_LABEL="System"
@@ -336,6 +338,7 @@ fi
 
 %files -n cynara-devel
 %{_includedir}/cynara/*.h
+%{_includedir}/cynara/attributes/*.h
 %{_includedir}/cynara/log/*.h
 %{_includedir}/cynara/plugin/*.h
 %{_includedir}/cynara/types/*.h

diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt
index 5f50510..f254b9d 100644 (file)
--- a/src/common/CMakeLists.txt
+++ b/src/common/CMakeLists.txt
@@ -107,6 +107,10 @@ TARGET_LINK_LIBRARIES(${TARGET_CYNARA_COMMON}
 
 INSTALL(TARGETS ${TARGET_CYNARA_COMMON} DESTINATION ${LIB_INSTALL_DIR})
 INSTALL(FILES
+    ${COMMON_PATH}/attributes/attributes.h
+    DESTINATION ${INCLUDE_INSTALL_DIR}/cynara/attributes
+    )
+INSTALL(FILES
     ${COMMON_PATH}/log/log.h
     DESTINATION ${INCLUDE_INSTALL_DIR}/cynara/log
     )

diff --git a/src/common/log/log.h b/src/common/log/log.h
index 97ca1a3..e559300 100644 (file)
--- a/src/common/log/log.h
+++ b/src/common/log/log.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Contact: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
  *
@@ -18,6 +18,7 @@
 /**
  * @file        src/common/log/log.h
  * @author      Adam Malinowski <a.malinowsk2@partner.samsung.com>
+ * @author      Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
  * @version     1.0
  * @brief       This file defines logging utilities.
  */
@@ -30,18 +31,33 @@
 #include <systemd/sd-journal.h>
 #endif
 
+#include <attributes/attributes.h>
+
 extern int __log_level;
 
 #ifndef CYNARA_NO_LOGS
+namespace {
+    template <typename ...Args>
+    void UNUSED __LOG_FUN(int level, const std::stringstream &format, Args&&... args) {
+        sd_journal_print(level, format.str().c_str(), std::forward<Args>(args)...);
+    }
+
+    template <>
+    void UNUSED __LOG_FUN(int level, const std::stringstream &format) {
+        sd_journal_print(level, "%s", format.str().c_str());
+    }
+} // namespace anonymous
+
     #define __LOG(LEVEL, FORMAT, ...) \
         do { \
-            if(LEVEL <= __log_level) { \
-                std::stringstream __LOG_MACRO_format; \
-                __LOG_MACRO_format << FORMAT; \
-                sd_journal_print(LEVEL, __LOG_MACRO_format.str().c_str(), ##__VA_ARGS__); \
+            if (LEVEL <= __log_level) { \
+                std::stringstream __LOG_FORMAT; \
+                __LOG_FORMAT << FORMAT; \
+                __LOG_FUN(LEVEL, __LOG_FORMAT, ##__VA_ARGS__); \
             } \
         } while (0)
-#else
+
+#else // CYNARA_NO_LOGS
     #define __LOG(LEVEL, ...)
 #endif