Author: stephan
Date: 2008-10-23 08:10:03 +0000 (Thu, 23 Oct 2008)
New Revision: 28378
Modified:
libxfcegui4/trunk/libxfcegui4/dialogs.c
Log:
Fix format-string vulnerabilities in 'message_dialog' and
'xfce_confirm'.
Modified: libxfcegui4/trunk/libxfcegui4/dialogs.c
===================================================================
--- libxfcegui4/trunk/libxfcegui4/dialogs.c 2008-10-23 06:24:41 UTC (rev
28377)
+++ libxfcegui4/trunk/libxfcegui4/dialogs.c 2008-10-23 08:10:03 UTC (rev
28378)
@@ -275,7 +275,7 @@
dlg = gtk_message_dialog_new (NULL,
GTK_DIALOG_MODAL,
- type, GTK_BUTTONS_CLOSE, message);
+ type, GTK_BUTTONS_CLOSE, "%s", message);
xfce_gtk_window_center_on_monitor_with_pointer (GTK_WINDOW (dlg));
gtk_dialog_run (GTK_DIALOG (dlg));
@@ -444,7 +444,7 @@
dialog = gtk_message_dialog_new (NULL,
GTK_DIALOG_MODAL,
GTK_MESSAGE_QUESTION, GTK_BUTTONS_NONE,
- text);
+ "%s", text);
if (strcmp (stock_id, GTK_STOCK_YES) == 0)
button = gtk_button_new_from_stock (GTK_STOCK_NO);
else
_______________________________________________
Xfce4-commits mailing list
[email protected]
http://foo-projects.org/mailman/listinfo/xfce4-commits
