Index: trunk/src/conf_act.c =================================================================== --- trunk/src/conf_act.c (revision 28768) +++ trunk/src/conf_act.c (revision 28769) @@ -50,7 +50,7 @@ int res; va_list ap; va_start(ap, fmt); - res = pcb_append_vprintf((gds_t *)ctx, fmt, ap); + res = pcb_safe_append_vprintf((gds_t *)ctx, 0, fmt, ap); va_end(ap); return res; } Index: trunk/src/error.c =================================================================== --- trunk/src/error.c (revision 28768) +++ trunk/src/error.c (revision 28769) @@ -76,7 +76,7 @@ gds_enlarge(&tmp, sizeof(pcb_logline_t)); tmp.used = offsetof(pcb_logline_t, str); va_start(args, Format); - pcb_append_vprintf(&tmp, Format, args); + pcb_safe_append_vprintf(&tmp, 0, Format, args); va_end(args); /* add the header and link in */ Index: trunk/src/pcb-printf.c =================================================================== --- trunk/src/pcb-printf.c (revision 28768) +++ trunk/src/pcb-printf.c (revision 28769) @@ -420,7 +420,7 @@ * [in] args Arguments to specifier * * return 0 on success */ -int pcb_append_vprintf(gds_t *string, const char *fmt, va_list args) +int pcb_safe_append_vprintf(gds_t *string, pcb_safe_printf_t safe, const char *fmt, va_list args) { gds_t spec; const char *qstr, *needsq; @@ -735,7 +735,7 @@ str.alloced = 1<<31; str.no_realloc = 1; - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); va_end(args); return str.used; @@ -753,7 +753,7 @@ str.alloced = len; str.no_realloc = 1; - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); va_end(args); return str.used; @@ -769,7 +769,7 @@ str.alloced = len; str.no_realloc = 1; - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); return str.used; } @@ -795,7 +795,7 @@ if (fh == NULL) rv = -1; else { - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); rv = fprintf(fh, "%s", str.array); } @@ -812,7 +812,7 @@ gds_init(&str); va_start(args, fmt); - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); rv = printf("%s", str.array); va_end(args); @@ -828,7 +828,7 @@ gds_init(&str); va_start(args, fmt); - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); va_end(args); return str.array; /* no other allocation has been made */ @@ -839,13 +839,13 @@ gds_t str; gds_init(&str); - pcb_append_vprintf(&str, fmt, args); + pcb_safe_append_vprintf(&str, 0, fmt, args); return str.array; /* no other allocation has been made */ } -/* Wrapper for pcb_append_vprintf that appends to a string using vararg API */ +/* Wrapper for pcb_safe_append_vprintf that appends to a string using vararg API */ int pcb_append_printf(gds_t *str, const char *fmt, ...) { int retval; @@ -852,7 +852,7 @@ va_list args; va_start(args, fmt); - retval = pcb_append_vprintf(str, fmt, args); + retval = pcb_safe_append_vprintf(str, 0, fmt, args); va_end(args); return retval; Index: trunk/src/pcb-printf.h =================================================================== --- trunk/src/pcb-printf.h (revision 28768) +++ trunk/src/pcb-printf.h (revision 28769) @@ -113,8 +113,15 @@ char *pcb_strdup_vprintf(const char *fmt, va_list args); int pcb_append_printf(gds_t *str, const char *fmt, ...); -int pcb_append_vprintf(gds_t *string, const char *fmt, va_list args); + +typedef enum { /* bitmask for printf hardening */ + PCB_SAFEPRINT_NO_PTR = 1 /* do not interpret/resolve pointers (e.g. %s) */ +} pcb_safe_printf_t; + +/* Low level call that does the job */ +int pcb_safe_append_vprintf(gds_t *string, pcb_safe_printf_t safe, const char *fmt, va_list args); + /* Predefined slots (macros): %[n] will use the nth string from this list. The first 8 are user-definable. */ typedef enum { Index: trunk/src_plugins/io_kicad/read.c =================================================================== --- trunk/src_plugins/io_kicad/read.c (revision 28768) +++ trunk/src_plugins/io_kicad/read.c (revision 28769) @@ -144,7 +144,7 @@ pcb_append_printf(&str, "io_kicad parse error at %d.%d: ", subtree->line, subtree->col); va_start(ap, fmt); - pcb_append_vprintf(&str, fmt, ap); + pcb_safe_append_vprintf(&str, 0, fmt, ap); va_end(ap); gds_append(&str, '\n'); @@ -164,7 +164,7 @@ pcb_append_printf(&str, "io_kicad warning at %d.%d: ", subtree->line, subtree->col); va_start(ap, fmt); - pcb_append_vprintf(&str, fmt, ap); + pcb_safe_append_vprintf(&str, 0, fmt, ap); va_end(ap); gds_append(&str, '\n'); Index: trunk/src_plugins/io_lihata/read.c =================================================================== --- trunk/src_plugins/io_lihata/read.c (revision 28768) +++ trunk/src_plugins/io_lihata/read.c (revision 28769) @@ -91,7 +91,7 @@ gds_append_str(&str, ": "); va_start(ap, fmt); - pcb_append_vprintf(&str, fmt, ap); + pcb_safe_append_vprintf(&str, 0, fmt, ap); va_end(ap); pcb_message(PCB_MSG_ERROR, "%s", str.array); @@ -120,7 +120,7 @@ gds_append_str(&str, ": "); va_start(ap, fmt); - pcb_append_vprintf(&str, fmt, ap); + pcb_safe_append_vprintf(&str, 0, fmt, ap); va_end(ap); pcb_message(PCB_MSG_WARNING, "%s", str.array); Index: trunk/src_plugins/io_mentor_cell/read.c =================================================================== --- trunk/src_plugins/io_mentor_cell/read.c (revision 28768) +++ trunk/src_plugins/io_mentor_cell/read.c (revision 28769) @@ -146,7 +146,7 @@ gds_append_str(&str, ": "); va_start(ap, fmt); - pcb_append_vprintf(&str, fmt, ap); + pcb_safe_append_vprintf(&str, 0, fmt, ap); va_end(ap); pcb_message(PCB_MSG_ERROR, "%s", str.array); Index: trunk/src_plugins/lib_vfs/lib_vfs.c =================================================================== --- trunk/src_plugins/lib_vfs/lib_vfs.c (revision 28768) +++ trunk/src_plugins/lib_vfs/lib_vfs.c (revision 28769) @@ -499,7 +499,7 @@ int res; va_start(ap, fmt); - res = pcb_append_vprintf(buff, fmt, ap); + res = pcb_safe_append_vprintf(buff, 0, fmt, ap); va_end(ap); return res; }