On 02/28/13 at 06:58pm, Dave Reisner wrote: > On Feb 28, 2013 6:56 PM, "Simon Gomizelj" <[email protected]> wrote: > > > > Basically all translation messages that need colouring but _also_ happen > > to be format strings need to be split up. > > > > This makes it easy to conditionally embed colour codes into the output > > at runtime. > > > > Signed-off-by: Simon Gomizelj <[email protected]> > > --- > > I say this without really knowing how gettext works, but this looks like it > closes a potential format string vulnerability. > > > src/pacman/util.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/src/pacman/util.c b/src/pacman/util.c > > index 3270c74..b5ee841 100644 > > --- a/src/pacman/util.c > > +++ b/src/pacman/util.c > > @@ -871,7 +871,7 @@ static void _display_targets(alpm_list_t *targets, > int verbose) > > } > > > > /* print to screen */ > > - pm_asprintf(&str, _("Packages (%zd):"), alpm_list_count(targets)); > > + pm_asprintf(&str, "%s (%zd):", _("Packages"), > alpm_list_count(targets)); > > printf("\n"); > > > > cols = getcols(fileno(stdout)); > > -- > > 1.8.1.4 > > > > >
The gettext documentation suggests using format strings with full sentences rather than this type of string concatenation [0], and it is capable of checking that translated format strings are compatible [1]. [0] http://www.gnu.org/software/gettext/manual/gettext.html#Preparing-Strings [1] http://www.gnu.org/software/gettext/manual/gettext.html#c_002dformat-Flag
