[U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

* [U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible
@ 2011-11-28 19:24 Wolfgang Denk
  2011-11-28 23:10 ` Mike Frysinger
  0 siblings, 1 reply; 3+ messages in thread
From: Wolfgang Denk @ 2011-11-28 19:24 UTC (permalink / raw)
  To: u-boot

common/menu.c used printf() in a number of places to print user
provided, constant strings (like the "title" string).  printf() is
dangerous here for example in case the user unwittingly embeds some
'%' caracters that printf() would interpret as formatting and then
pick up random arguments.  Use puts() instead.

We also omit the trailing ':' in the title line - if a user wants
this, he can provide it as part of the title string.

Signed-off-by: Wolfgang Denk <wd@denx.de>
---
total: 0 errors, 0 warnings, 35 lines checked
NOTE: Ignored message types: COMPLEX_MACRO CONSIDER_KSTRTO MINMAX MULTISTATEMENT_MACRO_USE_DO_WHILE
/tmp/patch has no obvious style problems and is ready for submission.

 common/menu.c |   16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/common/menu.c b/common/menu.c
index f004823..ca1baef 100644
--- a/common/menu.c
+++ b/common/menu.c
@@ -87,10 +87,12 @@ static inline void *menu_item_print(struct menu *m,
 				struct menu_item *item,
 				void *extra)
 {
-	if (!m->item_data_print)
-		printf("%s\n", item->key);
-	else
+	if (!m->item_data_print) {
+		putc(item->key);
+		putc('\n');
+	} else {
 		m->item_data_print(item->data);
+	}
 
 	return NULL;
 }
@@ -117,8 +119,10 @@ static inline void *menu_item_destroy(struct menu *m,
  */
 static inline void menu_display(struct menu *m)
 {
-	if (m->title)
-		printf("%s:\n", m->title);
+	if (m->title) {
+		puts(m->title);
+		putc('\n');
+	}
 
 	menu_items_iter(m, menu_item_print, NULL);
 }
@@ -226,7 +230,7 @@ static inline int menu_interactive_choice(struct menu *m, void **choice)
 			if (!choice_item)
 				printf("%s not found\n", cbuf);
 		} else {
-			printf("^C\n");
+			puts("^C\n");
 			return -EINTR;
 		}
 	}
-- 
1.7.6.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible
  2011-11-28 19:24 [U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible Wolfgang Denk
@ 2011-11-28 23:10 ` Mike Frysinger
  2011-12-01 22:50   ` Wolfgang Denk
  0 siblings, 1 reply; 3+ messages in thread
From: Mike Frysinger @ 2011-11-28 23:10 UTC (permalink / raw)
  To: u-boot

On Monday 28 November 2011 14:24:49 Wolfgang Denk wrote:
> common/menu.c used printf() in a number of places to print user
> provided, constant strings (like the "title" string).  printf() is
> dangerous here for example in case the user unwittingly embeds some
> '%' caracters that printf() would interpret as formatting and then
> pick up random arguments.  Use puts() instead.

i'm not seeing this problem based on your patch below ...

> --- a/common/menu.c
> +++ b/common/menu.c
>
> -	if (!m->item_data_print)
> -		printf("%s\n", item->key);
> +		putc(item->key);
> +		putc('\n');

item->key is not passed as the first arg, so % sequences would not get 
interpreted

> -		printf("%s:\n", m->title);
> +		puts(m->title);
> +		putc('\n');

same here

> -			printf("^C\n");
> +			puts("^C\n");

this change makes sense, but not for any of the reasons cited in the 
changelog; this looks like a simple optimization ...
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20111128/f5b1ecac/attachment.pgp>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible
  2011-11-28 23:10 ` Mike Frysinger
@ 2011-12-01 22:50   ` Wolfgang Denk
  0 siblings, 0 replies; 3+ messages in thread
From: Wolfgang Denk @ 2011-12-01 22:50 UTC (permalink / raw)
  To: u-boot

Dear Mike Frysinger,

In message <201111281810.03260.vapier@gentoo.org> you wrote:
> 
> On Monday 28 November 2011 14:24:49 Wolfgang Denk wrote:
> > common/menu.c used printf() in a number of places to print user
> > provided, constant strings (like the "title" string).  printf() is
> > dangerous here for example in case the user unwittingly embeds some
> > '%' caracters that printf() would interpret as formatting and then
> > pick up random arguments.  Use puts() instead.
> 
> i'm not seeing this problem based on your patch below ...

Yes, you are right.  I was incorrectly extrapolating from another
issue fixed elsewhere.

> > -			printf("^C\n");
> > +			puts("^C\n");
> 
> this change makes sense, but not for any of the reasons cited in the 
> changelog; this looks like a simple optimization ...

True.  But d*mn, I have messed this up, and it sneaked into the master
branch already.

Sorry...

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,     MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
If there was anything that depressed him more than his own  cynicism,
it was that quite often it still wasn't as cynical as real life.
                                 - Terry Pratchett, _Guards! Guards!_

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2011-12-01 22:50 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-11-28 19:24 [U-Boot] [PATCH] menu.c: use puts() instead of printf() where possible Wolfgang Denk
2011-11-28 23:10 ` Mike Frysinger
2011-12-01 22:50   ` Wolfgang Denk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox