[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Dia format string vulnerabilities (correction)



Hans de Goede writes:
> Hi all,
> 
> I was a bit short on time when I mailed my previous mail on this, so I
> didn't test (I didn't even compile) the patch. It turns out my previous
> patch contained one cut and paste error causing compilation to fail.
> 
> The attached patch fixes this and has been tested.

And maybe these two extra chunks (at least in 0.94).

Found by:
grep '\(message_\(error\|warning\)\|g_\(print\|message\|warning\)\|dia_assert_true\) *([^_"]' $(find -name '*.c')

-- 
Best Regards / S pozdravem,

Stanislav Brabec
software developer
---------------------------------------------------------------------
SuSE CR, s. r. o.                             e-mail: sbrabec suse cz
Drahobejlova 27                               tel: +420 296 542 382
190 00 Praha 9                                fax: +420 296 542 374
Czech Republic                                http://www.suse.cz/
--- plug-ins/python/pydia-error.c
+++ plug-ins/python/pydia-error.c
@@ -98,7 +98,7 @@
   if (self->str)
     g_string_append (self->str, s);
 
-  g_print (s);
+  g_print ("%s", s);
 
   Py_INCREF(Py_None);
   return Py_None;
--- plug-ins/xfig/xfig-export.c
+++ plug-ins/xfig/xfig-export.c
@@ -263,7 +263,7 @@
 figWarn(XfigRenderer *renderer, int warning) 
 {
   if (renderer->warnings[warning]) {
-    message_warning(renderer->warnings[warning]);
+    message_warning("%s", renderer->warnings[warning]);
     renderer->warnings[warning] = NULL;
   }
 }

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]