8373474: 2 Unintentional format string defect groups in jabswitch.cpp

[DamonGuy]

This issue is not currently causing any problems, but I am adding specifiers to explicitly print these strings. This is to avoid any issues down the line where changes to the lines building the string can cause any accidental formatting. Overall, this should be a harmless update and improves the stability and reliability of printing these strings.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8373474: 2 Unintentional format string defect groups in jabswitch.cpp (Bug - P3)

Reviewers

• Alexander Zvegintsev (@azvegint - Reviewer) Review applies to b4bef299
• Alexey Ivanov (@aivanov-jdk - Reviewer)
• Phil Race (@prrace - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/28949/head:pull/28949
$ git checkout pull/28949

Update a local copy of the PR:
$ git checkout pull/28949
$ git pull https://git.openjdk.org/jdk.git pull/28949/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 28949

View PR using the GUI difftool:
$ git pr show -t 28949

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/28949.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back dnguyen! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@DamonGuy This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8373474: 2 Unintentional format string defect groups in jabswitch.cpp

Reviewed-by: aivanov, prr, azvegint

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 132 new commits pushed to the master branch:

• f5249db: 8374233: Overloaded constructor MountUnmountDisabler(jthread thread) is missed
• 61cb6d7: 8374232: Comment cleanup in diagnosticCommand.cpp
• 8d80bac: 8374296: Comment clean up in os_linux.cpp
• ... and 129 more: https://git.openjdk.org/jdk/compare/b6319f5b42738cc760711a3b8b5d442d14a0ed74...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[openjdk]

@DamonGuy The following label will be automatically applied to this pull request:

• client

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

[mlbridge]

Webrevs

• 04: Full - Incremental (2cc83b24)
• 03: Full - Incremental (e17b09aa)
• 02: Full - Incremental (ebbafcfb)
• 01: Full - Incremental (b4bef299)
• 00: Full (3b1f27c2)

[prrace]

I don't think it is what Alexander meant.
I am not sure doing the above would even resolve the complaint because there's still no format string.

I think he meant it should look like
fprintf(origfile, "%s",
"assistive_technologies=com.sun.java.accessibility.AccessBridge\n"screen_magnifier_present=true\n");
or
fprintf(origfile, "%s",
"assistive_technologies=com.sun.java.accessibility.AccessBridge\n" "screen_magnifier_present=true\n");
if you really want to use the automatic concatenation, but I had to check to be sure it would work so ..

[DamonGuy]

I see your point. I'll leave it as separated again just in case the string literal is updated with anything that can be misinterpreted as a specifier.

[azvegint]

I don't think it is what Alexander meant.

Damon understood me correctly. That's what I meant.
#28949 (comment)

I am not sure doing the above would even resolve the complaint because there's still no format string.

It should.

before:

fprintf(origFile, str); // using `str` variable as format string > parfait complains

after:

  fprintf(origFile,
      "assistive_technologies=com.sun.java.accessibility.AccessBridge\n"
      "screen_magnifier_present=true\n"); 

Here, we provide a format string(without the format specifiers), not the variable.
It's essentially identical to the code on line 301, printf("Unable to get version info.\n");, parfait didn't complain about that line.

if you really want to use the automatic concatenation, but I had to check to be sure it would work so ..

It is in the standard, so I don't see any reason not to use it:
https://en.cppreference.com/w/cpp/language/string_literal.html#Concatenation

So, in my opinion, the variable str is unnecessary here.

---

just in case the string literal is updated with anything that can be misinterpreted as a specifier.

I suppose it should be detected during the review process for such a change. Currently, there are no format specifiers being used.

[prrace]

OK fair enough.

[aivanov-jdk]

Why can't we use fputs?

                fputs("assistive_technologies=com.sun.java.accessibility.AccessBridge\n"
                      "screen_magnifier_present=true\n",
                      origFile);

No format strings avoid any possible ambiguity and it's much faster as the string is output verbatim without any additional logic to parse a format string and to process the arguments.

[aivanov-jdk]

I guess the same comment applies here:

A similar pattern is used elsewhere in this file. And I don't want this fix to become a reworking of this code, because that isn't a goal here.

Thus, fprintf is fine.

Similarly, it could be worth cleaning up the code to simplify the logic by not using formatted output where it's not needed.

[aivanov-jdk]

Why can't we use fputs?

                fputs("assistive_technologies=com.sun.java.accessibility.AccessBridge\n"
                      "screen_magnifier_present=true\n",
                      origFile);

No format strings avoid any possible ambiguity and it's much faster as the string is output verbatim without any additional logic to parse a format string and to process the arguments.

[aivanov-jdk]

If versionString isn't used for anything else, we can remove the versionString variable and the call to sprintf_s and put the arguments to print the version directly into the printf call.

[aivanov-jdk]

I guess the same comment applies here:

A similar pattern is used elsewhere in this file. And I don't want this fix to become a reworking of this code, because that isn't a goal here.

Thus, fprintf is fine.

Similarly, it could be worth cleaning up the code to simplify the logic by not using formatted output where it's not needed.

[DamonGuy]

/integrate

[openjdk]

Going to push as commit 72e1e15.
Since your change was applied there have been 132 commits pushed to the master branch:

• f5249db: 8374233: Overloaded constructor MountUnmountDisabler(jthread thread) is missed
• 61cb6d7: 8374232: Comment cleanup in diagnosticCommand.cpp
• 8d80bac: 8374296: Comment clean up in os_linux.cpp
• ... and 129 more: https://git.openjdk.org/jdk/compare/b6319f5b42738cc760711a3b8b5d442d14a0ed74...master

Your commit was automatically rebased without conflicts.

[openjdk]

@DamonGuy Pushed as commit 72e1e15.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.