Re: Re : [PATCH] Format string bug in WMenuParserError

Mon, 16 Jul 2012 12:41:34 -0700 

>From f1da9d70d4e30654349cbb934f5c1adfb90c67b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?"Rodolfo=20Garc=C3=ADa=20Pe=C3=B1as=20(kix)"?= <[email protected]>
Date: Mon, 16 Jul 2012 20:27:10 +0200
Subject: [PATCH] Format string bug in WMenuParserError

There is a format string bug in the function WMenuParserError.

Is the tipical FS, like printf(a) instead of printf("%s", a);

See http://en.wikipedia.org/wiki/Uncontrolled_format_string for more info.
---
 WINGs/menuparser.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/WINGs/menuparser.c b/WINGs/menuparser.c
index 7659817..3461446 100644
--- a/WINGs/menuparser.c
+++ b/WINGs/menuparser.c
@@ -102,7 +102,7 @@ void WMenuParserError(WMenuParser parser, const char *msg, 
...)
        va_start(args, msg);
        vsnprintf(buf, sizeof(buf), msg, args);
        va_end(args);
-       __wmessage("WMenuParser", parser->file_name, parser->line_number, 
WMESSAGE_TYPE_WARNING, buf);
+       __wmessage("WMenuParser", parser->file_name, parser->line_number, 
WMESSAGE_TYPE_WARNING, "%s", buf);
 
        for (parent = parser->parent_file; parent != NULL; parent = 
parent->parent_file)
                __wmessage("WMenuParser", parser->file_name, 
parser->line_number, WMESSAGE_TYPE_WARNING,
-- 
1.7.10.4

-- 
||// //\\// Rodolfo "kix" Garcia
||\\// //\\ http://www.kix.es/

>From 102717b929783a92c52fbde7834f0fd5932787ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?"Rodolfo=20Garc=C3=ADa=20Pe=C3=B1as=20(kix)"?= <[email protected]>
Date: Mon, 16 Jul 2012 20:27:10 +0200
Subject: [PATCH] Format string bug in WMenuParserError

There is a format string bug in the function WMenuParserError.

Is the tipical FS, like printf(a) instead of printf("%s", a);

See http://en.wikipedia.org/wiki/Uncontrolled_format_string for more info.
---
 WINGs/menuparser.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/WINGs/menuparser.c b/WINGs/menuparser.c
index 7659817..96555cd 100644
--- a/WINGs/menuparser.c
+++ b/WINGs/menuparser.c
@@ -102,7 +102,7 @@ void WMenuParserError(WMenuParser parser, const char *msg, ...)
 	va_start(args, msg);
 	vsnprintf(buf, sizeof(buf), msg, args);
 	va_end(args);
-	__wmessage("WMenuParser", parser->file_name, parser->line_number, WMESSAGE_TYPE_WARNING, buf);
+	__wmessage("WMenuParser", parser->file_name, parser->line_number, WMESSAGE_TYPE_WARNING, "%s", buf);
 
 	for (parent = parser->parent_file; parent != NULL; parent = parent->parent_file)
 		__wmessage("WMenuParser", parser->file_name, parser->line_number, WMESSAGE_TYPE_WARNING,
-- 
1.7.10.4

Reply via email to