From 1f9228316c3177fa632979fa89e8753d35770efb Mon Sep 17 00:00:00 2001
From: Dana Robinson <43805+derobins@users.noreply.github.com>
Date: Fri, 11 Mar 2022 11:10:20 -0800
Subject: Fixes for format string warnings raised by
 -Wformat=2/-Wformat-security (#1489)

---
 config/clang-warnings/developer-general |  1 -
 config/clang-warnings/general           | 16 +++++-----------
 config/gnu-warnings/cxx-general         |  1 -
 config/gnu-warnings/developer-general   |  3 ---
 config/gnu-warnings/general             | 14 ++++----------
 tools/lib/h5tools_str.c                 |  2 +-
 tools/src/h5ls/h5ls.c                   |  6 +++---
 7 files changed, 13 insertions(+), 30 deletions(-)

diff --git a/config/clang-warnings/developer-general b/config/clang-warnings/developer-general
index 74d8404..b80552f 100644
--- a/config/clang-warnings/developer-general
+++ b/config/clang-warnings/developer-general
@@ -1,4 +1,3 @@
--Wformat-nonliteral
 -Wmissing-noreturn
 -Wsometimes-uninitialized
 -Wswitch-enum
diff --git a/config/clang-warnings/general b/config/clang-warnings/general
index f0c9b93..433dff9 100644
--- a/config/clang-warnings/general
+++ b/config/clang-warnings/general
@@ -8,19 +8,13 @@
 -Wformat=2
 -Wframe-larger-than=16384
 -Wimplicit-fallthrough
-#
-# NOTE: Due to the divergence in the C and C++, we're dropping support for
-# compiling the C library with a C++ compiler and dropping the -Wc++-compat
-# warning.
-#
--Wno-c++-compat
-#
-# NOTE: Disable the -Wformat-nonliteral from -Wformat=2 here and re-add
-# it to the developer flags.
-#
--Wno-format-nonliteral
 -Wnull-dereference
 -Wunused-const-variable
 -Wwrite-strings
 -Wpedantic
 -Wvolatile-register-var
+# NOTE: Due to the divergence in the C and C++, we're dropping support for
+# compiling the C library with a C++ compiler and dropping the -Wc++-compat
+# warning.
+#
+-Wno-c++-compat
diff --git a/config/gnu-warnings/cxx-general b/config/gnu-warnings/cxx-general
index 9548cc0..1626524 100644
--- a/config/gnu-warnings/cxx-general
+++ b/config/gnu-warnings/cxx-general
@@ -17,7 +17,6 @@
 -Winit-self
 -Winvalid-pch
 -Wmissing-include-dirs
--Wno-format-nonliteral
 -Wnon-virtual-dtor
 -Wold-style-cast
 -Woverloaded-virtual
diff --git a/config/gnu-warnings/developer-general b/config/gnu-warnings/developer-general
index b34c4b7..460b874 100644
--- a/config/gnu-warnings/developer-general
+++ b/config/gnu-warnings/developer-general
@@ -1,9 +1,6 @@
 # (suggestions from gcc, not code problems)
-# NOTE: -Wformat-nonliteral added back in here (from being disabled in
-# H5_CFLAGS)
 -Waggregate-return
 -Wdisabled-optimization
--Wformat-nonliteral
 -Winline
 -Wmissing-format-attribute
 -Wmissing-noreturn
diff --git a/config/gnu-warnings/general b/config/gnu-warnings/general
index a7a20b7..df4c613 100644
--- a/config/gnu-warnings/general
+++ b/config/gnu-warnings/general
@@ -15,18 +15,12 @@
 -Winit-self
 -Winvalid-pch
 -Wmissing-include-dirs
-#
+-Wshadow
+-Wundef
+-Wwrite-strings
+-pedantic
 # NOTE: Due to the divergence in the C and C++, we're dropping support for
 # compiling the C library with a C++ compiler and dropping the -Wc++-compat
 # warning.
 #
 -Wno-c++-compat
-#
-# NOTE: Disable the -Wformat-nonliteral from -Wformat=2 here and re-add
-# it to the developer flags.
-#
--Wno-format-nonliteral
--Wshadow
--Wundef
--Wwrite-strings
--pedantic
diff --git a/tools/lib/h5tools_str.c b/tools/lib/h5tools_str.c
index 7ad6a65..5976044 100644
--- a/tools/lib/h5tools_str.c
+++ b/tools/lib/h5tools_str.c
@@ -1051,7 +1051,7 @@ h5tools_str_sprint(h5tools_str_t *str, const h5tool_format_t *info, hid_t contai
 
                 H5TOOLS_DEBUG("H5T_ENUM");
                 if (H5Tenum_nameof(type, vp, enum_name, sizeof enum_name) >= 0)
-                    h5tools_str_append(str, h5tools_escape(enum_name, sizeof(enum_name)));
+                    h5tools_str_append(str, "%s", h5tools_escape(enum_name, sizeof(enum_name)));
                 else {
                     size_t i;
                     if (1 == nsize)
diff --git a/tools/src/h5ls/h5ls.c b/tools/src/h5ls/h5ls.c
index a27a8cc..59cd974 100644
--- a/tools/src/h5ls/h5ls.c
+++ b/tools/src/h5ls/h5ls.c
@@ -2299,7 +2299,7 @@ list_lnk(const char *name, const H5L_info2_t *linfo, void *_iter)
                 iter->symlink_list->dangle_link = TRUE;
 
             h5tools_str_append(&buffer, "Soft Link {");
-            h5tools_str_append(&buffer, buf);
+            h5tools_str_append(&buffer, "%s", buf);
             h5tools_str_append(&buffer, "}");
             h5tools_render_element(rawoutstream, info, &ctx, &buffer, &curr_pos, (size_t)info->line_ncols,
                                    (hsize_t)0, (hsize_t)0);
@@ -2367,11 +2367,11 @@ list_lnk(const char *name, const H5L_info2_t *linfo, void *_iter)
                 goto done;
 
             h5tools_str_append(&buffer, "External Link {");
-            h5tools_str_append(&buffer, filename);
+            h5tools_str_append(&buffer, "%s", filename);
             h5tools_str_append(&buffer, "/");
             if (*path != '/')
                 h5tools_str_append(&buffer, "/");
-            h5tools_str_append(&buffer, path);
+            h5tools_str_append(&buffer, "%s", path);
             h5tools_str_append(&buffer, "}");
             h5tools_render_element(rawoutstream, info, &ctx, &buffer, &curr_pos, (size_t)info->line_ncols,
                                    (hsize_t)0, (hsize_t)0);
-- 
cgit v0.12