diff options
Diffstat (limited to 'gnu/packages/patches/swish-e-format-security.patch')
-rw-r--r-- | gnu/packages/patches/swish-e-format-security.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/gnu/packages/patches/swish-e-format-security.patch b/gnu/packages/patches/swish-e-format-security.patch new file mode 100644 index 0000000000..be9d7cb8a9 --- /dev/null +++ b/gnu/packages/patches/swish-e-format-security.patch @@ -0,0 +1,33 @@ +Borrowed from Debian. + +--- swish-e-2.4.7/src/parser.c 2009-04-05 03:58:32.000000000 +0200 ++++ swish-e-2.4.7/src/parser.c 2013-06-11 13:53:08.196559035 +0200 +@@ -1760,7 +1760,7 @@ + va_start(args, msg); + vsnprintf(str, 1000, msg, args ); + va_end(args); +- xmlParserError(parse_data->ctxt, str); ++ xmlParserError(parse_data->ctxt, "%s", str); + } + + static void warning(void *data, const char *msg, ...) +@@ -1772,7 +1772,7 @@ + va_start(args, msg); + vsnprintf(str, 1000, msg, args ); + va_end(args); +- xmlParserWarning(parse_data->ctxt, str); ++ xmlParserWarning(parse_data->ctxt, "%s", str); + } + + +--- swish-e-2.4.7/src/result_output.c 2009-04-05 03:58:32.000000000 +0200 ++++ swish-e-2.4.7/src/result_output.c 2013-06-11 13:53:38.593550825 +0200 +@@ -752,7 +752,7 @@ + s = (char *) emalloc(MAXWORDLEN + 1); + n = strftime(s, (size_t) MAXWORDLEN, fmt, localtime(&(pv->value.v_date))); + if (n && f) +- fprintf(f, s); ++ fprintf(f, "%s", s); + efree(s); + } + break; |