From a63d9652757605ec5f7104addc5d38bf10ba8671 Mon Sep 17 00:00:00 2001 From: Wolfgang Denk Date: Mon, 28 Nov 2011 20:19:41 +0100 Subject: [PATCH] menu.c: use puts() instead of printf() where possible common/menu.c used printf() in a number of places to print user provided, constant strings (like the "title" string). printf() is dangerous here for example in case the user unwittingly embeds some '%' caracters that printf() would interpret as formatting and then pick up random arguments. Use puts() instead. We also omit the trailing ':' in the title line - if a user wants this, he can provide it as part of the title string. Signed-off-by: Wolfgang Denk --- common/menu.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/common/menu.c b/common/menu.c index f004823..ca1baef 100644 --- a/common/menu.c +++ b/common/menu.c @@ -87,10 +87,12 @@ static inline void *menu_item_print(struct menu *m, struct menu_item *item, void *extra) { - if (!m->item_data_print) - printf("%s\n", item->key); - else + if (!m->item_data_print) { + putc(item->key); + putc('\n'); + } else { m->item_data_print(item->data); + } return NULL; } @@ -117,8 +119,10 @@ static inline void *menu_item_destroy(struct menu *m, */ static inline void menu_display(struct menu *m) { - if (m->title) - printf("%s:\n", m->title); + if (m->title) { + puts(m->title); + putc('\n'); + } menu_items_iter(m, menu_item_print, NULL); } @@ -226,7 +230,7 @@ static inline int menu_interactive_choice(struct menu *m, void **choice) if (!choice_item) printf("%s not found\n", cbuf); } else { - printf("^C\n"); + puts("^C\n"); return -EINTR; } } -- 2.7.4