Fix compilation with -Werror=format-security

This patch avoids using fprintf with a string variable, i.e., fprintf(f, var). Such usage is discourage because if var can be attacker-controlled in any way, the application can be compromised. Therefore, -Werror=format-security complains about such usage. Better use fputs, which can't be misused, even though in this case the printed string is a constant.
OpenMandrivaSoftware · Aug 14, 2022 · 4543a0b · 4543a0b
1 parent 14a9cff
commit 4543a0b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/ossp-slave.c b/ossp-slave.c
@@ -85,7 +85,7 @@ void ossp_slave_init(int argc, char **argv)
 	}
 
 	if (!have_uid || !have_gid || ossp_cmd_fd < 0 || ossp_notify_fd < 0) {
-		fprintf(stderr, usage);
+		fputs(usage, stderr);
 		_exit(1);
 	}
 
@@ -101,7 +101,7 @@ void ossp_slave_init(int argc, char **argv)
 		void *p;
 
 		if (!mmap_size) {
-			fprintf(stderr, usage);
+			fputs(usage, stderr);
 			_exit(1);
 		}
 

diff --git a/osspd.c b/osspd.c
@@ -2281,7 +2281,7 @@ static int process_arg(void *data, const char *arg, int key,
 
 	switch (key) {
 	case 0:
-		fprintf(stderr, usage);
+		fputs(usage, stderr);
 		param->help = 1;
 		return 0;
 	case 1: