commit d4760af2b3cf93efeb73f9912e44035d7386f025
Author: Jan Rękorajski <bagg...@pld-linux.org>
Date:   Tue Oct 18 19:04:06 2016 +0200

    - fix format string errors
    - rel 11

 3store.spec           |  4 +++-
 format-security.patch | 22 ++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
---
diff --git a/3store.spec b/3store.spec
index ed0e5f7..942ece7 100644
--- a/3store.spec
+++ b/3store.spec
@@ -6,13 +6,14 @@ Summary:      3store RDF engine
 Summary(pl.UTF-8):     Silnik RDF 3store
 Name:          3store
 Version:       2.2.22
-Release:       10
+Release:       11
 License:       GPL v2+
 Group:         Libraries
 Source0:       http://dl.sourceforge.net/threestore/%{name}-%{version}.tar.gz
 # Source0-md5: 6fa70d2830c82eb030d8888f4da0c86c
 Patch0:                %{name}-ac.patch
 Patch1:                glib2.patch
+Patch2:                format-security.patch
 URL:           http://threestore.sourceforge.net/
 BuildRequires: autoconf
 BuildRequires: automake
@@ -70,6 +71,7 @@ Statyczna biblioteka 3store.
 %setup -q
 %patch0 -p1
 %{?with_glib2:%patch1 -p1}
+%patch2 -p1
 
 %build
 %{__libtoolize}
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..5fe2df1
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,22 @@
+--- 3store-2.2.22/src/rdfsql/rdql.c~   2005-07-18 19:54:59.000000000 +0200
++++ 3store-2.2.22/src/rdfsql/rdql.c    2016-10-18 19:01:52.998317482 +0200
+@@ -535,7 +535,7 @@
+       res->error_str = g_strdup_printf("SQL error in '%s' %d: %s\n",
+                                        sql_query, mysql_errno(this->db),
+                                        mysql_error(this->db));
+-      fprintf(stderr, res->error_str);
++      fprintf(stderr, "%s", res->error_str);
+       fprintf(stderr, "Query: %s\n", sql_query);
+ 
+       return res;
+--- 3store-2.2.22/src/tools/tstore_setup.c~    2005-07-18 16:01:15.000000000 
+0200
++++ 3store-2.2.22/src/tools/tstore_setup.c     2016-10-18 19:02:50.583911067 
+0200
+@@ -254,7 +254,7 @@
+               }
+           }
+           LOG(1, "SQL: ");
+-          LOG(1, tmp);
++          LOG(1, "%s", tmp);
+           LOG(1, "\n");
+           if (mysql_query(mdb, tmp)) {
+               if (mysql_errno(mdb) == ER_TABLE_EXISTS_ERROR) {
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/3store.git/commitdiff/d4760af2b3cf93efeb73f9912e44035d7386f025

_______________________________________________
pld-cvs-commit mailing list
pld-cvs-commit@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

Reply via email to