[packages/swish-e] - up to 2.4.7 - fix format string errors
baggins
baggins at pld-linux.org
Tue Jun 11 13:57:42 CEST 2013
commit 45fe6c1712a813748372a09ef299979d3956e4e3
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Tue Jun 11 13:57:20 2013 +0200
- up to 2.4.7
- fix format string errors
format-security.patch | 31 +++++++++++++++++++++++++++++++
swish-e.spec | 8 +++++---
2 files changed, 36 insertions(+), 3 deletions(-)
---
diff --git a/swish-e.spec b/swish-e.spec
index 00d3d62..01370bf 100644
--- a/swish-e.spec
+++ b/swish-e.spec
@@ -2,12 +2,13 @@
Summary: Simple Web Indexing System for Humans - Enhanced
Summary(pl.UTF-8): Prosty system indeksowania stron WWW - wersja rozszerzona
Name: swish-e
-Version: 2.4.6
-Release: 4
+Version: 2.4.7
+Release: 1
License: GPL/LGPL
Group: Applications/Text
Source0: http://swish-e.org/distribution/%{name}-%{version}.tar.gz
-# Source0-md5: eb762cba20ea0908141d44b1a31cdd39
+# Source0-md5: 736db7a65aed48bb3e2587c52833642d
+Patch0: format-security.patch
URL: http://swish-e.org/
#Icon: swish-e.xpm
BuildRequires: libxml2-devel
@@ -139,6 +140,7 @@ Biblioteka statyczna dla swish-e.
%prep
%setup -q
+%patch0 -p1
%build
%configure \
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..01d8cab
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,31 @@
+--- swish-e-2.4.7/src/parser.c~ 2009-04-05 03:58:32.000000000 +0200
++++ swish-e-2.4.7/src/parser.c 2013-06-11 13:53:08.196559035 +0200
+@@ -1760,7 +1760,7 @@
+ va_start(args, msg);
+ vsnprintf(str, 1000, msg, args );
+ va_end(args);
+- xmlParserError(parse_data->ctxt, str);
++ xmlParserError(parse_data->ctxt, "%s", str);
+ }
+
+ static void warning(void *data, const char *msg, ...)
+@@ -1772,7 +1772,7 @@
+ va_start(args, msg);
+ vsnprintf(str, 1000, msg, args );
+ va_end(args);
+- xmlParserWarning(parse_data->ctxt, str);
++ xmlParserWarning(parse_data->ctxt, "%s", str);
+ }
+
+
+--- swish-e-2.4.7/src/result_output.c~ 2009-04-05 03:58:32.000000000 +0200
++++ swish-e-2.4.7/src/result_output.c 2013-06-11 13:53:38.593550825 +0200
+@@ -752,7 +752,7 @@
+ s = (char *) emalloc(MAXWORDLEN + 1);
+ n = strftime(s, (size_t) MAXWORDLEN, fmt, localtime(&(pv->value.v_date)));
+ if (n && f)
+- fprintf(f, s);
++ fprintf(f, "%s", s);
+ efree(s);
+ }
+ break;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/swish-e.git/commitdiff/45fe6c1712a813748372a09ef299979d3956e4e3
More information about the pld-cvs-commit
mailing list