format-security warnings
Opened this issue · 1 comments
rabidt commented
Seeing many of these warnings due to using a non-literal string as 2nd argument to send_to_char.
It's important to resolve these since if somehow the non-literal string has format specifiers, bad stuff can happen.
Simple resolution would be to use "%s" as the format arg and pass the current format arg after that.
Otherwise it may be useful to have separate send_to_char and sendf_to_char functions in the future.
rabidt commented
spec_procs.c: In function \u2018zone_yell\u2019:
spec_procs.c:1571:9: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~~~~~~~~~~
spec_procs.c: In function \u2018feybranche\u2019:
spec_procs.c:2219:25: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~
spec_procs.c: In function \u2018agrachdyrr\u2019:
spec_procs.c:2311:25: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~
spec_procs.c: In function \u2018shobalar\u2019:
spec_procs.c:2358:25: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~
spec_procs.c: In function \u2018guild\u2019:
spec_procs.c:2710:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c:2717:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c:2730:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c:2737:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c:2750:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c:2757:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, CONFIG_OK);
^~~~~~~~~~~~
spec_procs.c: In function \u2018secomber_guard\u2019:
spec_procs.c:3579:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~~~~~~~~~~
spec_procs.c: In function \u2018practice_dummy\u2019:
spec_procs.c:3688:31: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_room(ch->in_room, buf);
^~~
spec_procs.c: In function \u2018harpell\u2019:
spec_procs.c:4075:25: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~
spec_procs.c: In function \u2018move_ship\u2019:
spec_procs.c:5121:48: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_room(real_room(ship_info[i][0]), buf2);
^~~~
spec_procs.c:5123:9: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_room(real_room(ship_info[i][0]), msg);
^~~~~~~~~~~~
hsedit.c: In function \u2018hsedit_owner_menu\u2019:
hsedit.c:274:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hsedit.c: In function \u2018hsedit_dir_menu\u2019:
hsedit.c:327:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hsedit.c: In function \u2018hsedit_disp_guest_menu\u2019:
hsedit.c:387:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hsedit.c: In function \u2018hsedit_disp_menu\u2019:
hsedit.c:530:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
zone_procs.c: In function \u2018abyss_randomizer\u2019:
zone_procs.c:973:23: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(i, buf);
^~~
zone_procs.c: In function \u2018send_to_cube\u2019:
zone_procs.c:3263:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, echo);
^~~~~~~~~~~~
act.informative.c: In function \u2018look_at_room_number\u2019:
act.informative.c:1015:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, world[room_number].name);
^~~~~~~~~~~~
act.informative.c:1034:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf2);
^~~~
act.informative.c:1037:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, world[room_number].name);
^~~~~~~~~~~~
act.informative.c:1047:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, world[room_number].description);
^~~~~~~~~~~~
act.informative.c: In function \u2018perform_abilities\u2019:
act.informative.c:2363:7: warning: format not a string literal and no format arguments [-Wformat-security]
sprintf(buf, feat_types[feat_list[i].feat_type]);
^~~~~~~
hedit.c: In function \u2018hedit_delete_entry\u2019:
hedit.c:283:32: warning: format not a string literal and no format arguments [-Wformat-security]
mudlog(NRM, LVL_STAFF, TRUE, buf);
^~~
medit.c: In function \u2018medit_disp_size\u2019:
medit.c:440:24: warning: format not a string literal and no format arguments [-Wformat-security]
write_to_output(d, buf);
^~~
act.movement.c: In function \u2018do_pullswitch\u2019:
act.movement.c:3536:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_room(ch->in_room, obj->action_description);
^~~~~~~~~~~~
dg_variables.c: In function \u2018find_replacement\u2019:
dg_variables.c:1242:13: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(str, slen, race_list[GET_RACE(c)].type);
^~~~~~~~
dg_variables.c:1554:13: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(str, slen, race_list[GET_RACE(c)].type);
^~~~~~~~
dg_variables.c:1575:13: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(str, slen, race_list[GET_RACE(c)].type);
^~~~~~~~
dg_variables.c:1596:13: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(str, slen, race_list[GET_RACE(c)].type);
^~~~~~~~
protocol.c: In function \u2018Write\u2019:
protocol.c:42:3: warning: format not a string literal and no format arguments [-Wformat-security]
write_to_output(apDescriptor, apData);
^~~~~~~~~~~~~~~
protocol.c: In function \u2018ReportBug\u2019:
protocol.c:47:3: warning: format not a string literal and no format arguments [-Wformat-security]
log(apText);
^~~
genmob.c: In function \u2018write_mobile_espec\u2019:
genmob.c:515:17: warning: format not a string literal and no format arguments [-Wformat-security]
fprintf(fd, buf);
^~~
help.c: In function \u2018perform_help\u2019:
help.c:225:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, entry->entry);
^~~~~~~~~~~~
hlquest.c: In function \u2018show_quest_to_player\u2019:
hlquest.c:85:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:92:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:110:28: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:114:28: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:131:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:135:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:151:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:161:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:169:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:181:28: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:193:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:209:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:219:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:224:3: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, quest->reply_msg);
^~~~~~~~~~~~
hlquest.c: In function \u2018perform_out_chain\u2019:
hlquest.c:423:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:432:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:437:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:492:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:514:13: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlquest.c: In function \u2018quest_ask\u2019:
hlquest.c:568:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlquest.c: In function \u2018do_qinfo\u2019:
hlquest.c:1049:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c: In function \u2018do_checkapproved\u2019:
hlquest.c:1083:26: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c: In function \u2018do_kitquests\u2019:
hlquest.c:1097:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlquest.c:1116:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c: In function \u2018do_spellquests\u2019:
hlquest.c:1140:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlquest.c:1149:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:1166:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c: In function \u2018do_qref\u2019:
hlquest.c:1205:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlquest.c:1220:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:1234:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c:1240:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
hlquest.c: In function \u2018do_qview\u2019:
hlquest.c:1287:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
rank.c: In function \u2018do_slug_rank\u2019:
rank.c:176:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buffer);
^~~~~~
oedit.c: In function \u2018oedit_disp_weapon_spells\u2019:
oedit.c:339:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
spells.c: In function \u2018create_wall\u2019:
spells.c:228:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_room(room, buf);
^~~
act.wizard.c: In function \u2018do_show\u2019:
act.wizard.c:3419:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
act.wizard.c:3445:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
act.wizard.c: In function \u2018do_objlist\u2019:
act.wizard.c:6755:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
act.wizard.c: In function \u2018do_singlefile\u2019:
act.wizard.c:6956:24: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
race.c: In function \u2018display_race_info\u2019:
race.c:363:3: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, strfrmt(buf, line_length, 1, FALSE, FALSE, FALSE));
^~~~~~~~~~~~
treasure.c: In function \u2018award_random_crystal\u2019:
treasure.c:927:3: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(buf2, 20, label_rare_grade(rare_grade));
^~~~~~~~
treasure.c: In function \u2018award_magic_armor\u2019:
treasure.c:1865:3: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc, MEDIUM_STRING, label_rare_grade(rare_grade));
^~~~~~~~
treasure.c: In function \u2018award_magic_weapon\u2019:
treasure.c:2314:3: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc, MEDIUM_STRING, label_rare_grade(rare_grade));
^~~~~~~~
treasure.c: In function \u2018give_misc_magic_item\u2019:
treasure.c:2797:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, ring_descs[rand_number(0, NUM_A_RING_DESCS - 1)]);
^~~~~~~~
treasure.c:2798:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:2803:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, neck_descs[rand_number(0, NUM_A_NECK_DESCS - 1)]);
^~~~~~~~
treasure.c:2804:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:2809:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, boot_descs[rand_number(0, NUM_A_BOOT_DESCS - 1)]);
^~~~~~~~
treasure.c:2810:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:2811:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:2816:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, hands_descs[rand_number(0, NUM_A_HAND_DESCS - 1)]);
^~~~~~~~
treasure.c:2817:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:2818:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:2823:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, cloak_descs[rand_number(0, NUM_A_CLOAK_DESCS - 1)]);
^~~~~~~~
treasure.c:2824:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_crests[rand_number(0, NUM_A_ARMOR_CRESTS - 1)]);
^~~~~~~~
treasure.c:2825:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:2830:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, waist_descs[rand_number(0, NUM_A_WAIST_DESCS - 1)]);
^~~~~~~~
treasure.c:2831:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:2832:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:2837:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, wrist_descs[rand_number(0, NUM_A_WRIST_DESCS - 1)]);
^~~~~~~~
treasure.c:2838:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:2843:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, crystal_descs[rand_number(0, NUM_A_CRYSTAL_DESCS - 1)]);
^~~~~~~~
treasure.c:2844:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:2849:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, monk_glove_descs[rand_number(0, NUM_A_MONK_GLOVE_DESCS - 1)]);
^~~~~~~~
treasure.c:2850:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:2851:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c: In function \u2018award_misc_magic_item\u2019:
treasure.c:3084:3: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc, MEDIUM_STRING, label_rare_grade(rare_grade));
^~~~~~~~
treasure.c:3094:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, ring_descs[rand_number(0, NUM_A_RING_DESCS - 1)]);
^~~~~~~~
treasure.c:3095:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:3100:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, neck_descs[rand_number(0, NUM_A_NECK_DESCS - 1)]);
^~~~~~~~
treasure.c:3101:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:3106:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, boot_descs[rand_number(0, NUM_A_BOOT_DESCS - 1)]);
^~~~~~~~
treasure.c:3107:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:3108:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:3113:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, hands_descs[rand_number(0, NUM_A_HAND_DESCS - 1)]);
^~~~~~~~
treasure.c:3114:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:3115:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:3120:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, cloak_descs[rand_number(0, NUM_A_CLOAK_DESCS - 1)]);
^~~~~~~~
treasure.c:3121:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_crests[rand_number(0, NUM_A_ARMOR_CRESTS - 1)]);
^~~~~~~~
treasure.c:3122:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:3127:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, waist_descs[rand_number(0, NUM_A_WAIST_DESCS - 1)]);
^~~~~~~~
treasure.c:3128:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:3129:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:3134:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, wrist_descs[rand_number(0, NUM_A_WRIST_DESCS - 1)]);
^~~~~~~~
treasure.c:3135:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, gemstones[rand_number(0, NUM_A_GEMSTONES - 1)]);
^~~~~~~~
treasure.c:3140:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, crystal_descs[rand_number(0, NUM_A_CRYSTAL_DESCS - 1)]);
^~~~~~~~
treasure.c:3141:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
treasure.c:3146:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(armor_name, MEDIUM_STRING, monk_glove_descs[rand_number(0, NUM_A_MONK_GLOVE_DESCS - 1)]);
^~~~~~~~
treasure.c:3147:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc2, SHORT_STRING, armor_special_descs[rand_number(0, NUM_A_ARMOR_SPECIAL_DESCS - 1)]);
^~~~~~~~
treasure.c:3148:5: warning: format not a string literal and no format arguments [-Wformat-security]
snprintf(desc3, SHORT_STRING, colors[rand_number(0, NUM_A_COLORS - 1)]);
^~~~~~~~
hlqedit.c: In function \u2018zedit_create_index\u2019:
hlqedit.c:57:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlqedit.c:63:9: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlqedit.c: In function \u2018hlqedit_show_classes\u2019:
hlqedit.c:112:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c: In function \u2018hlqedit_disp_incommand_menu\u2019:
hlqedit.c:392:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c: In function \u2018hlqedit_disp_outcommand_menu\u2019:
hlqedit.c:428:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c: In function \u2018hlqedit_disp_spells\u2019:
hlqedit.c:445:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c:448:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c: In function \u2018hlqedit_disp_menu\u2019:
hlqedit.c:472:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c:498:32: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c:517:30: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
hlqedit.c: In function \u2018hlqedit_parse\u2019:
hlqedit.c:566:11: warning: format not a string literal and no format arguments [-Wformat-security]
log(buf);
^~~
hlqedit.c:804:36: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(d->character, buf);
^~~
act.other.c: In function \u2018do_recharge\u2019:
act.other.c:1540:22: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, buf);
^~~
act.other.c: In function \u2018do_shapechange\u2019:
act.other.c:3098:7: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, shape_types[i]);
^~~~~~~~~~~~
act.other.c: In function \u2018show_hints\u2019:
act.other.c:5974:5: warning: format not a string literal and no format arguments [-Wformat-security]
send_to_char(ch, hints[roll]);
^~~~~~~~~~~~