Search
j0ke.net Open Build Service
>
Projects
>
home:jg
>
joe
> joe-3.7-format-security.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File joe-3.7-format-security.patch of Package joe
diff -upr joe-3.7.orig/b.c joe-3.7/b.c --- joe-3.7.orig/b.c 2008-11-02 21:59:06.000000000 +0100 +++ joe-3.7/b.c 2013-12-11 12:46:16.476342506 +0100 @@ -2994,7 +2994,7 @@ RETSIGTYPE ttsig(int sig) if (b->name) fprintf(ttsig_f, (char *)joe_gettext(_("\n*** File \'%s\'\n")), b->name); else - fprintf(ttsig_f, (char *)joe_gettext(_("\n*** File \'(Unnamed)\'\n"))); + fprintf(ttsig_f, "%s", (char *)joe_gettext(_("\n*** File \'(Unnamed)\'\n"))); fflush(ttsig_f); bsavefd(b->bof, fileno(ttsig_f), b->eof->byte); } diff -upr joe-3.7.orig/cmd.c joe-3.7/cmd.c --- joe-3.7.orig/cmd.c 2008-11-02 02:31:59.000000000 +0100 +++ joe-3.7/cmd.c 2013-12-11 12:51:28.986628113 +0100 @@ -231,7 +231,7 @@ int steal_lock(BW *bw,int c,B *b,int *no if(bf1[0]) joe_snprintf_1(bf,sizeof(bf),joe_gettext(LOCKMSG1),bf1); else - joe_snprintf_0(bf,sizeof(bf),joe_gettext(LOCKMSG2)); + joe_snprintf_1(bf,sizeof(bf),"%s",joe_gettext(LOCKMSG2)); if (mkqw(bw->parent, sz(bf), steal_lock, NULL, b, notify)) { return 0; } else { @@ -289,7 +289,7 @@ int try_lock(BW *bw,B *b) if(bf1[0]) joe_snprintf_1(bf,sizeof(bf),joe_gettext(LOCKMSG1),bf1); else - joe_snprintf_0(bf,sizeof(bf),joe_gettext(LOCKMSG2)); + joe_snprintf_1(bf,sizeof(bf),"%s",joe_gettext(LOCKMSG2)); if (mkqw(bw->parent, sz(bf), steal_lock, NULL, b, NULL)) { uquery(bw); if (!b->locked) diff -upr joe-3.7.orig/main.c joe-3.7/main.c --- joe-3.7.orig/main.c 2013-12-11 12:42:01.980544000 +0100 +++ joe-3.7/main.c 2013-12-11 12:52:22.190198564 +0100 @@ -204,7 +204,7 @@ int main(int argc, char **real_argv, cha #ifndef __MSDOS__ if (!(cap = my_getcap(NULL, 9600, NULL, NULL))) { - fprintf(stderr, (char *)joe_gettext(_("Couldn't load termcap/terminfo entry\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("Couldn't load termcap/terminfo entry\n"))); return 1; } #endif @@ -356,7 +356,7 @@ int main(int argc, char **real_argv, cha donerc: if (validate_rc()) { - fprintf(stderr,(char *)joe_gettext(_("rc file has no :main key binding section or no bindings. Bye.\n"))); + fprintf(stderr,"%s",(char *)joe_gettext(_("rc file has no :main key binding section or no bindings. Bye.\n"))); return 1; } diff -upr joe-3.7.orig/rc.c joe-3.7/rc.c --- joe-3.7.orig/rc.c 2008-11-02 21:33:45.000000000 +0100 +++ joe-3.7/rc.c 2013-12-11 12:53:05.463851142 +0100 @@ -1489,9 +1489,9 @@ int procrc(CAP *cap, unsigned char *name /* Print proper ending string */ if (err) - fprintf(stderr, (char *)joe_gettext(_("\ndone\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("\ndone\n"))); else - fprintf(stderr, (char *)joe_gettext(_("done\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("done\n"))); return err; /* 0 for success, 1 for syntax error */ } diff -upr joe-3.7.orig/scrn.c joe-3.7/scrn.c --- joe-3.7.orig/scrn.c 2008-11-01 04:00:33.000000000 +0100 +++ joe-3.7/scrn.c 2013-12-11 12:53:46.552522391 +0100 @@ -717,7 +717,7 @@ SCRN *nopen(CAP *cap) signrm(); fprintf(stderr,"cm=%p ch=%p cv=%p ho=%p lf=%p DO=%p ll=%p up=%p UP=%p cr=%p\n", t->cm, t->ch, t->cv, t->ho, t->lf, t->DO, t->ll, t->up, t->UP, t->cr); - fprintf(stderr,(char *)joe_gettext(_("Sorry, your terminal can't do absolute cursor positioning.\nIt's broken\n"))); + fprintf(stderr,"%s",(char *)joe_gettext(_("Sorry, your terminal can't do absolute cursor positioning.\nIt's broken\n"))); return NULL; ok: diff -upr joe-3.7.orig/termcap.c joe-3.7/termcap.c --- joe-3.7.orig/termcap.c 2006-07-19 16:07:43.000000000 +0200 +++ joe-3.7/termcap.c 2013-12-11 12:54:05.290372747 +0100 @@ -213,7 +213,7 @@ CAP *my_getcap(unsigned char *name, unsi joe_free(cap); return 0; */ - fprintf(stderr, (char *)joe_gettext(_("Couldn't load termcap entry. Using ansi default\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("Couldn't load termcap entry. Using ansi default\n"))); ti = 0; cap->tbuf = vsncpy(cap->tbuf, 0, sc(defentry)); goto checktc; diff -upr joe-3.7.orig/tty.c joe-3.7/tty.c --- joe-3.7.orig/tty.c 2013-12-11 12:42:01.979544000 +0100 +++ joe-3.7/tty.c 2013-12-11 12:54:50.542011905 +0100 @@ -326,7 +326,7 @@ void ttopnn(void) if (!termin) { if (idleout ? (!(termin = stdin) || !(termout = stdout)) : (!(termin = fopen("/dev/tty", "r")) || !(termout = fopen("/dev/tty", "w")))) { - fprintf(stderr, (char *)joe_gettext(_("Couldn\'t open /dev/tty\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("Couldn\'t open /dev/tty\n"))); exit(1); } else { #ifdef SIGWINCH @@ -743,7 +743,7 @@ int ttshell(unsigned char *cmd) if (cmd) execl((char *)s, (char *)s, "-c", cmd, NULL); else { - fprintf(stderr, (char *)joe_gettext(_("You are at the command shell. Type 'exit' to return\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("You are at the command shell. Type 'exit' to return\n"))); execl((char *)s, (char *)s, NULL); } _exit(0); @@ -807,7 +807,7 @@ void ttsusp(void) omode = ttymode; mpxsusp(); ttclsn(); - fprintf(stderr, (char *)joe_gettext(_("You have suspended the program. Type 'fg' to return\n"))); + fprintf(stderr, "%s", (char *)joe_gettext(_("You have suspended the program. Type 'fg' to return\n"))); kill(0, SIGTSTP); #ifdef junk /* Hmmm... this should not have been necessary */ diff -upr joe-3.7.orig/uerror.c joe-3.7/uerror.c --- joe-3.7.orig/uerror.c 2006-07-19 02:27:13.000000000 +0200 +++ joe-3.7/uerror.c 2013-12-11 12:58:25.382304276 +0100 @@ -327,7 +327,7 @@ int parserrb(B *b) if (n) joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("%d messages found")), n); else - joe_snprintf_0(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("No messages found"))); + joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, "%s", joe_gettext(_("No messages found"))); msgnw(bw->parent, msgbuf); return 0; } @@ -341,7 +341,7 @@ int uparserr(BW *bw) if (n) joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("%d messages found")), n); else - joe_snprintf_0(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("No messages found"))); + joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, "%s", joe_gettext(_("No messages found"))); msgnw(bw->parent, msgbuf); return 0; } diff -upr joe-3.7.orig/ufile.c joe-3.7/ufile.c --- joe-3.7.orig/ufile.c 2013-12-11 12:42:01.976544000 +0100 +++ joe-3.7/ufile.c 2013-12-11 12:59:14.713912755 +0100 @@ -62,11 +62,11 @@ void genexmsgmulti(BW *bw, int saved, in { if (saved) if (skipped) - joe_snprintf_0(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("Some files have not been saved."))); + joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, "%s", joe_gettext(_("Some files have not been saved."))); else - joe_snprintf_0(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("All modified files have been saved."))); + joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, "%s", joe_gettext(_("All modified files have been saved."))); else - joe_snprintf_0(msgbuf, JOE_MSGBUFSIZE, joe_gettext(_("No modified files, so no updates needed."))); + joe_snprintf_1(msgbuf, JOE_MSGBUFSIZE, "%s", joe_gettext(_("No modified files, so no updates needed."))); msgnw(bw->parent, msgbuf);