diff --git a/cmake/compiler/gcc/settings.cmake b/cmake/compiler/gcc/settings.cmake index b037a4ea6..87ff6e939 100644 --- a/cmake/compiler/gcc/settings.cmake +++ b/cmake/compiler/gcc/settings.cmake @@ -2,6 +2,7 @@ target_compile_options(zm-warning-interface INTERFACE -Wall -Wextra + -Wformat-security -Wno-cast-function-type -Wno-type-limits -Wno-unused-parameter) diff --git a/src/zm_remote_camera_http.cpp b/src/zm_remote_camera_http.cpp index e7458b251..d3ba95df0 100644 --- a/src/zm_remote_camera_http.cpp +++ b/src/zm_remote_camera_http.cpp @@ -105,7 +105,7 @@ void RemoteCameraHttp::Initialise() { request += stringtf( "User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION ); request += stringtf( "Host: %s\r\n", host.c_str()); if ( strcmp( config.http_version, "1.0" ) == 0 ) - request += stringtf( "Connection: Keep-Alive\r\n" ); + request += "Connection: Keep-Alive\r\n"; if ( !auth.empty() ) request += stringtf( "Authorization: Basic %s\r\n", auth64.c_str() ); request += "\r\n"; @@ -362,7 +362,7 @@ int RemoteCameraHttp::GetResponse() { request += stringtf( "User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION ); request += stringtf( "Host: %s\r\n", host.c_str()); if ( strcmp( config.http_version, "1.0" ) == 0 ) - request += stringtf( "Connection: Keep-Alive\r\n" ); + request += "Connection: Keep-Alive\r\n"; request += mAuthenticator->getAuthHeader( "GET", path.c_str() ); request += "\r\n"; @@ -738,7 +738,7 @@ int RemoteCameraHttp::GetResponse() { request += stringtf("User-Agent: %s/%s\r\n", config.http_ua, ZM_VERSION); request += stringtf("Host: %s\r\n", host.c_str()); if ( strcmp(config.http_version, "1.0") == 0 ) - request += stringtf("Connection: Keep-Alive\r\n"); + request += "Connection: Keep-Alive\r\n"; request += mAuthenticator->getAuthHeader("GET", path.c_str()); request += "\r\n"; diff --git a/src/zm_utils.cpp b/src/zm_utils.cpp index de5748e80..49aedffcc 100644 --- a/src/zm_utils.cpp +++ b/src/zm_utils.cpp @@ -65,34 +65,6 @@ std::string replaceAll(std::string str, std::string from, std::string to) { return str; } -const std::string stringtf( const char *format, ... ) { - va_list ap; - char tempBuffer[8192]; - std::string tempString; - - va_start(ap, format); - vsnprintf(tempBuffer, sizeof(tempBuffer), format , ap); - va_end(ap); - - tempString = tempBuffer; - - return tempString; -} - -const std::string stringtf(const std::string format, ...) { - va_list ap; - char tempBuffer[8192]; - std::string tempString; - - va_start(ap, format); - vsnprintf(tempBuffer, sizeof(tempBuffer), format.c_str(), ap); - va_end(ap); - - tempString = tempBuffer; - - return tempString; -} - bool startsWith(const std::string &haystack, const std::string &needle) { return ( haystack.substr(0, needle.length()) == needle ); } diff --git a/src/zm_utils.h b/src/zm_utils.h index f29bae2e3..ccd73bf2b 100644 --- a/src/zm_utils.h +++ b/src/zm_utils.h @@ -23,8 +23,9 @@ #include #include #include -#include +#include #include +#include #include typedef std::vector StringVector; @@ -33,8 +34,16 @@ std::string trimSpaces(const std::string &str); std::string trimSet(std::string str, std::string trimset); std::string replaceAll(std::string str, std::string from, std::string to); -const std::string stringtf( const char *format, ... ); -const std::string stringtf( const std::string &format, ... ); +template +std::string stringtf(const std::string &format, Args... args) { + int size = snprintf(nullptr, 0, format.c_str(), args...) + 1; // Extra space for '\0' + if (size <= 0) { + throw std::runtime_error("Error during formatting."); + } + std::unique_ptr buf(new char[size]); + snprintf(buf.get(), size, format.c_str(), args...); + return std::string(buf.get(), buf.get() + size - 1); // We don't want the '\0' inside +} bool startsWith( const std::string &haystack, const std::string &needle ); StringVector split( const std::string &string, const std::string &chars, int limit=0 );