hs_service.c: compile-time warning with GCC 9.1.1
I tried building with GCC 9.1.1 for the first time, and got various warnings.
make[1]: Entering directory '/home/nickm/src/tor-035'
CC src/feature/hs/hs_service.o
In file included from ./src/lib/crypt_ops/crypto_rsa.h:21,
from ./src/core/or/or.h:32,
from src/feature/hs/hs_service.c:11:
In function ‘load_client_keys’,
inlined from ‘load_service_keys’ at src/feature/hs/hs_service.c:1090:7,
inlined from ‘hs_service_load_all_keys’ at src/feature/hs/hs_service.c:4010:9:
./src/lib/log/log.h:244:3: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
244 | log_fn_(LOG_WARN, domain, __FUNCTION__, args, ##__VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/feature/hs/hs_service.c:1267:7: note: in expansion of macro ‘log_warn’
1267 | log_warn(LD_REND, "Client authorization file %s can't be read. "
| ^~~~~~~~
src/feature/hs/hs_service.c: In function ‘hs_service_load_all_keys’:
src/feature/hs/hs_service.c:1267:52: note: format string is defined here
1267 | log_warn(LD_REND, "Client authorization file %s can't be read. "
| ^~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:9877: src/feature/hs/hs_service.o] Error 1
CC src/feature/hs/core_libtor_app_testing_a-hs_service.o
In file included from ./src/lib/crypt_ops/crypto_rsa.h:21,
from ./src/core/or/or.h:32,
from src/feature/hs/hs_service.c:11:
In function ‘load_client_keys’,
inlined from ‘load_service_keys’ at src/feature/hs/hs_service.c:1090:7,
inlined from ‘hs_service_load_all_keys’ at src/feature/hs/hs_service.c:4010:9:
./src/lib/log/log.h:244:3: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
244 | log_fn_(LOG_WARN, domain, __FUNCTION__, args, ##__VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/feature/hs/hs_service.c:1267:7: note: in expansion of macro ‘log_warn’
1267 | log_warn(LD_REND, "Client authorization file %s can't be read. "
| ^~~~~~~~
src/feature/hs/hs_service.c: In function ‘hs_service_load_all_keys’:
src/feature/hs/hs_service.c:1267:52: note: format string is defined here
1267 | log_warn(LD_REND, "Client authorization file %s can't be read. "
| ^~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:11111: src/feature/hs/core_libtor_app_testing_a-hs_service.o] Error 1
make[1]: Target 'all-am' not remade because of errors.
make[1]: Leaving directory '/home/nickm/src/tor-035'
make: *** [Makefile:5788: all] Error 2
[1016]$
It looks like this is a real bug: when there's something wrong with the client authorization file, we first free and null the file, and only log its contents afterwards.
This appears to affect 0.3.5 and later.