mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-31 23:05:43 +00:00
Fix printf escape errors in shell scripts
Fix `printf "$foo"` which treats the value of `foo` as a printf format rather than a string. I used the following command to find potentially problematic lines: ``` git ls-files '*.sh' | xargs egrep 'printf +("?[^"]*|[^ ]*)\$' ``` The remaining ones are false positives for this regexp. The errors only had minor consequences: the output of `ssl-opt.sh` contained lines like ``` Renegotiation: gnutls server strict, client-initiated .................. ./tests/ssl-opt.sh: 741: printf: %S: invalid directive PASS ``` and in case of failure the GnuTLS command containing a substring like `--priority=NORMAL:%SAFE_RENEGOTIATION` was not included in the log file. With the current tests, there was no risk of a test failure going undetected. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
663d0993ec
commit
ffdcadf084
|
@ -117,12 +117,12 @@ PEERS="OpenSSL$PEER_GNUTLS mbedTLS"
|
||||||
print_usage() {
|
print_usage() {
|
||||||
echo "Usage: $0"
|
echo "Usage: $0"
|
||||||
printf " -h|--help\tPrint this help.\n"
|
printf " -h|--help\tPrint this help.\n"
|
||||||
printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')\n"
|
printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '%s')\n" "$FILTER"
|
||||||
printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')\n"
|
printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '%s')\n" "$EXCLUDE"
|
||||||
printf " -m|--modes\tWhich modes to perform (Default: '$MODES')\n"
|
printf " -m|--modes\tWhich modes to perform (Default: '%s')\n" "$MODES"
|
||||||
printf " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')\n"
|
printf " -t|--types\tWhich key exchange type to perform (Default: '%s')\n" "$TYPES"
|
||||||
printf " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')\n"
|
printf " -V|--verify\tWhich verification modes to perform (Default: '%s')\n" "$VERIFIES"
|
||||||
printf " -p|--peers\tWhich peers to use (Default: '$PEERS')\n"
|
printf " -p|--peers\tWhich peers to use (Default: '%s')\n" "$PEERS"
|
||||||
printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
|
printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
|
||||||
printf " -M|--memcheck\tCheck memory leaks and errors.\n"
|
printf " -M|--memcheck\tCheck memory leaks and errors.\n"
|
||||||
printf " -v|--verbose\tSet verbose output.\n"
|
printf " -v|--verbose\tSet verbose output.\n"
|
||||||
|
@ -1134,7 +1134,7 @@ run_client() {
|
||||||
VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
|
VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
|
||||||
TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
|
TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
|
||||||
TITLE="$TITLE $MODE,$VERIF $2"
|
TITLE="$TITLE $MODE,$VERIF $2"
|
||||||
printf "$TITLE "
|
printf "%s " "$TITLE"
|
||||||
LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
|
LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
|
||||||
for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
|
for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
|
||||||
|
|
||||||
|
|
|
@ -92,7 +92,7 @@ fi
|
||||||
diff macros identifiers | sed -n -e 's/< //p' > actual-macros
|
diff macros identifiers | sed -n -e 's/< //p' > actual-macros
|
||||||
|
|
||||||
for THING in actual-macros enum-consts; do
|
for THING in actual-macros enum-consts; do
|
||||||
printf "Names of $THING: "
|
printf 'Names of %s: ' "$THING"
|
||||||
test -r $THING
|
test -r $THING
|
||||||
BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
|
BAD=$( grep -v '^MBEDTLS_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
|
||||||
if [ "x$BAD" = "x" ]; then
|
if [ "x$BAD" = "x" ]; then
|
||||||
|
@ -105,7 +105,7 @@ for THING in actual-macros enum-consts; do
|
||||||
done
|
done
|
||||||
|
|
||||||
for THING in identifiers; do
|
for THING in identifiers; do
|
||||||
printf "Names of $THING: "
|
printf 'Names of %s: ' "$THING"
|
||||||
test -r $THING
|
test -r $THING
|
||||||
BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true )
|
BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true )
|
||||||
if [ "x$BAD" = "x" ]; then
|
if [ "x$BAD" = "x" ]; then
|
||||||
|
|
|
@ -384,7 +384,7 @@ print_name() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
LINE="$LINE$1"
|
LINE="$LINE$1"
|
||||||
printf "$LINE "
|
printf "%s " "$LINE"
|
||||||
LEN=$(( 72 - `echo "$LINE" | wc -c` ))
|
LEN=$(( 72 - `echo "$LINE" | wc -c` ))
|
||||||
for i in `seq 1 $LEN`; do printf '.'; done
|
for i in `seq 1 $LEN`; do printf '.'; done
|
||||||
printf ' '
|
printf ' '
|
||||||
|
@ -662,12 +662,12 @@ run_test() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
check_osrv_dtls
|
check_osrv_dtls
|
||||||
printf "# $NAME\n$SRV_CMD\n" > $SRV_OUT
|
printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
|
||||||
provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
|
provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
|
||||||
SRV_PID=$!
|
SRV_PID=$!
|
||||||
wait_server_start "$SRV_PORT" "$SRV_PID"
|
wait_server_start "$SRV_PORT" "$SRV_PID"
|
||||||
|
|
||||||
printf "# $NAME\n$CLI_CMD\n" > $CLI_OUT
|
printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
|
||||||
eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
|
eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
|
||||||
wait_client_done
|
wait_client_done
|
||||||
|
|
||||||
|
@ -1877,12 +1877,12 @@ run_test "Session resume using cache, DTLS: openssl server" \
|
||||||
# Tests for Max Fragment Length extension
|
# Tests for Max Fragment Length extension
|
||||||
|
|
||||||
if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
|
if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
|
||||||
printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
|
printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ $MAX_CONTENT_LEN -ne 16384 ]; then
|
if [ $MAX_CONTENT_LEN -ne 16384 ]; then
|
||||||
printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
|
echo "Using non-default maximum content length $MAX_CONTENT_LEN"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
@ -2823,14 +2823,14 @@ MAX_IM_CA='8'
|
||||||
MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
|
MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
|
||||||
|
|
||||||
if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
|
if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
|
||||||
printf "The ${CONFIG_H} file contains a value for the configuration of\n"
|
cat <<EOF
|
||||||
printf "MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script’s\n"
|
${CONFIG_H} contains a value for the configuration of
|
||||||
printf "test value of ${MAX_IM_CA}. \n"
|
MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
|
||||||
printf "\n"
|
test value of ${MAX_IM_CA}.
|
||||||
printf "The tests assume this value and if it changes, the tests in this\n"
|
|
||||||
printf "script should also be adjusted.\n"
|
|
||||||
printf "\n"
|
|
||||||
|
|
||||||
|
The tests assume this value and if it changes, the tests in this
|
||||||
|
script should also be adjusted.
|
||||||
|
EOF
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue