Date: Tuesday, February 15, 2022 @ 21:30:32 Author: arojas Revision: 437425
Backport only format-security fixes (FS#73694) Added: vde2/trunk/format-security.patch Modified: vde2/trunk/PKGBUILD -----------------------+ PKGBUILD | 14 ++++---------- format-security.patch | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 10 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2022-02-15 20:43:55 UTC (rev 437424) +++ PKGBUILD 2022-02-15 21:30:32 UTC (rev 437425) @@ -2,7 +2,7 @@ # Maintainer: Tobias Powalowski <[email protected]> pkgname=vde2 pkgver=2.3.2 -pkgrel=19 +pkgrel=20 pkgdesc="Virtual Distributed Ethernet for emulators like qemu" url="https://sourceforge.net/projects/vde/"; license=("GPL" "LGPL" "CUSTOM") @@ -15,9 +15,7 @@ iptables.rules.sample vde-config.sample vde-connection.sample - https://github.com/virtualsquare/vde-2/commit/7f7593cd.patch - https://github.com/virtualsquare/vde-2/commit/738d5149.patch - https://github.com/virtualsquare/vde-2/commit/561701bb.patch) + format-security.patch) install=vde2.install options=(!makeflags) sha256sums=('cbea9b7e03097f87a6b5e98b07890d2275848f1fe4b9fcda77b8994148bc9542' @@ -26,17 +24,13 @@ '99076d7466cd99673dbe91ef83865187e7868177959b38e125df63eea957f83e' '5727c215646333c37b26388146cd3e6b3814b88d60d54051d7da99e00c0aef87' '5139110ed6d5d1174bf12971512dac5196d9d07df46dd393d7b1cd083118fe9b' - 'a0d020f687254b12776ec18f60ce734fbc92ed4d6f5d81a1fba040d73762c2e1' - 'efad3a713b85265cd9691d8df513a1f7ebd678fc133f8efc2778b806cebf5ba1' - '66806a7f893947ab009bd1dae71d2bbb713ae837e0e12c08047c007269d4ce29') + 'a3207c93c4be4848e09a0b8618dcdc4e9d88a99153e95d3fcdd690efa6237a79') prepare() { cd $pkgname-$pkgver patch -Np1 -i ../vde_cryptcab-compile-against-openssl-1.1.0.patch # Fix format-security build errors - patch -p2 -i ../7f7593cd.patch - patch -p2 -i ../738d5149.patch - patch -p1 -i ../561701bb.patch + patch -p2 -i ../format-security.patch } build() { Added: format-security.patch =================================================================== --- format-security.patch (rev 0) +++ format-security.patch 2022-02-15 21:30:32 UTC (rev 437425) @@ -0,0 +1,33 @@ +diff --git a/vde-2/src/vde_switch/plugins/iplog.c b/vde-2/src/vde_switch/plugins/iplog.c +index dc2ad54..3bb113c 100644 +--- a/vde-2/src/vde_switch/plugins/iplog.c ++++ b/vde-2/src/vde_switch/plugins/iplog.c +@@ -214,7 +214,7 @@ static void ip_find_in_hash_update(int len, unsigned char *addr, unsigned char * + ctime_r(&ntime,stime); + writev(logfilefd,iov,3); + } else if (logfilefd != -1) +- syslog(LOG_INFO, msg); ++ syslog(LOG_INFO, "%s", msg); + DBGOUT(D_LOGIP_NEWIP,"%s",msg); + } + } +diff --git a/vde-2/src/common/cmdparse.c b/vde-2/src/common/cmdparse.c +index 05186d7..db349c7 100644 +--- a/vde-2/src/common/cmdparse.c ++++ b/vde-2/src/common/cmdparse.c +@@ -284,13 +284,13 @@ int utm_run(struct utm *utm, struct utm_buf *buf, int fd, int argc, char **argv, + int i; + for (i=0;i<argc;i++) { + if (i) fprintf(mf," "); +- fprintf(mf,argv[i]); ++ fprintf(mf, "%s", argv[i]); + } + } else { + int num=atoi(t); + while (*t >='0' && *t <= '9') t++; + if (num < argc) +- fprintf(mf,argv[num]); ++ fprintf(mf, "%s", argv[num]); + } + } else + fprintf(mf,"%c",*t);
