client/tripectl.c: Fix stupid format-string bugs.

Possibly exploitable, but tripe's admin interface isn't usually a
security boundary.

diff --git a/client/tripectl.c b/client/tripectl.c
index e5f086fdc5cee05d7ed9aba49731ea7f73510258..95f95f44ba5ba07c5e95375200a4322056764f43 100644 (file)
--- a/client/tripectl.c
+++ b/client/tripectl.c
@@ -163,9 +163,9 @@ static void cline(char *p, size_t len, void *b)
   if (!q)
     return;
   if (strcmp(q, "WARN") == 0)
   if (!q)
     return;
   if (strcmp(q, "WARN") == 0)

-    dolog(LOG_WARNING, p);
+    dolog(LOG_WARNING, "%s", p);

   else if (strcmp(q, "TRACE") == 0)
   else if (strcmp(q, "TRACE") == 0)

-    dolog(LOG_DEBUG, p);
+    dolog(LOG_DEBUG, "%s", p);

   else if (!(f & f_command))
     dolog(LOG_ERR, "unexpected output `%s %s'", q, p);
   else if (strcmp(q, "FAIL") == 0) {
   else if (!(f & f_command))
     dolog(LOG_ERR, "unexpected output `%s %s'", q, p);
   else if (strcmp(q, "FAIL") == 0) {


@@ -285,7 +285,7 @@ static void logfile(const char *name)
     if (logfp)
       writelog("error", d.buf);
     else if (logname)
     if (logfp)
       writelog("error", d.buf);
     else if (logname)

-      die(EXIT_FAILURE, d.buf);
+      die(EXIT_FAILURE, "%s", d.buf);

     if (f & f_syslog)
       syslog(LOG_ERR, "%s", d.buf);
     dstr_destroy(&d);
     if (f & f_syslog)
       syslog(LOG_ERR, "%s", d.buf);
     dstr_destroy(&d);