From aa5a1a39a761c2cc9b0ccc6509d9595b8197c49a Mon Sep 17 00:00:00 2001 From: miker Date: Mon, 10 Mar 2008 12:04:57 +0000 Subject: [PATCH] Patch from Scott McKellar: This patch replaces several calls to fprintf() or printf() with calls to fputs(), where we don't use conversion specifications. Since fputs() doesn't have to parse the output text for conversions, it should be marginally more efficient than fprintf() or printf(). More importantly: in one case the output text comes in part from an input message, and may conceivably contain conversion specifications, whether inadvertently or maliciously. In that case, fprintf() would look for non-existent parameters to format into the output, resulting in undefined behavior. git-svn-id: svn://svn.open-ils.org/OpenSRF/trunk@1276 9efc2488-bf62-4759-914b-345cdb29e865 --- src/srfsh/srfsh.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/srfsh/srfsh.c b/src/srfsh/srfsh.c index 0458af3..68bfcd5 100644 --- a/src/srfsh/srfsh.c +++ b/src/srfsh/srfsh.c @@ -684,15 +684,15 @@ int send_request( char* server, double end = get_timestamp_millis(); - fprintf( less, resp_buffer->buf ); + fputs( resp_buffer->buf, less ); buffer_free( resp_buffer ); - fprintf( less, "\n------------------------------------\n"); + fputs("\n------------------------------------\n", less); if( osrf_app_session_request_complete( session, req_id )) - fprintf(less, "Request Completed Successfully\n"); + fputs("Request Completed Successfully\n", less); fprintf(less, "Request Time in seconds: %.6f\n", end - start ); - fprintf(less, "------------------------------------\n"); + fputs("------------------------------------\n", less); pclose(less); @@ -758,7 +758,7 @@ static int router_query_servers( const char* router_server ) { static int print_help( void ) { - printf( + fputs( "---------------------------------------------------------------------------------\n" "Commands:\n" "---------------------------------------------------------------------------------\n" @@ -804,8 +804,8 @@ static int print_help( void ) { "\n" "Note: long output is piped through 'less'. To search in 'less', type: /\n" "---------------------------------------------------------------------------------\n" - "\n" - ); + "\n", + stdout ); return 1; } -- 2.11.0