From e8aa5f24d6837f0b410f2779ae82aa4b4beb9f7e Mon Sep 17 00:00:00 2001
From: Tim Duesterhus <tim@bastelstu.be>
Date: Wed, 19 Feb 2020 11:41:13 +0100
Subject: [PATCH] BUG/MINOR: ssl: Stop passing dynamic strings as format
 arguments
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

gcc complains rightfully:

src/ssl_sock.c: In function ‘ssl_load_global_issuers_from_path’:
src/ssl_sock.c:9860:4: warning: format not a string literal and no format arguments [-Wformat-security]
    ha_warning(warn);
    ^

Introduced in 70df7bf19cebd5593c0abb01923e6c9f72961da6.
---
 src/ssl_sock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e30bb8a6c..ade5ffc84 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -9857,7 +9857,7 @@ static int ssl_load_global_issuers_from_path(char **args, int section_type, stru
 			goto next;
 		ssl_load_global_issuer_from_BIO(in, fp, &warn);
 		if (warn) {
-			ha_warning(warn);
+			ha_warning("%s", warn);
 			free(warn);
 			warn = NULL;
 		}