[packages/3store] - fix format string errors - rel 11

baggins baggins at pld-linux.org
Tue Oct 18 19:04:19 CEST 2016 

commit d4760af2b3cf93efeb73f9912e44035d7386f025
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Tue Oct 18 19:04:06 2016 +0200

    - fix format string errors
    - rel 11

 3store.spec           |  4 +++-
 format-security.patch | 22 ++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
---
diff --git a/3store.spec b/3store.spec
index ed0e5f7..942ece7 100644
--- a/3store.spec
+++ b/3store.spec
@@ -6,13 +6,14 @@ Summary:	3store RDF engine
 Summary(pl.UTF-8):	Silnik RDF 3store
 Name:		3store
 Version:	2.2.22
-Release:	10
+Release:	11
 License:	GPL v2+
 Group:		Libraries
 Source0:	http://dl.sourceforge.net/threestore/%{name}-%{version}.tar.gz
 # Source0-md5:	6fa70d2830c82eb030d8888f4da0c86c
 Patch0:		%{name}-ac.patch
 Patch1:		glib2.patch
+Patch2:		format-security.patch
 URL:		http://threestore.sourceforge.net/
 BuildRequires:	autoconf
 BuildRequires:	automake
@@ -70,6 +71,7 @@ Statyczna biblioteka 3store.
 %setup -q
 %patch0 -p1
 %{?with_glib2:%patch1 -p1}
+%patch2 -p1
 
 %build
 %{__libtoolize}
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..5fe2df1
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,22 @@
+--- 3store-2.2.22/src/rdfsql/rdql.c~	2005-07-18 19:54:59.000000000 +0200
++++ 3store-2.2.22/src/rdfsql/rdql.c	2016-10-18 19:01:52.998317482 +0200
+@@ -535,7 +535,7 @@
+ 	res->error_str = g_strdup_printf("SQL error in '%s' %d: %s\n",
+ 					 sql_query, mysql_errno(this->db),
+ 					 mysql_error(this->db));
+-	fprintf(stderr, res->error_str);
++	fprintf(stderr, "%s", res->error_str);
+ 	fprintf(stderr, "Query: %s\n", sql_query);
+ 
+ 	return res;
+--- 3store-2.2.22/src/tools/tstore_setup.c~	2005-07-18 16:01:15.000000000 +0200
++++ 3store-2.2.22/src/tools/tstore_setup.c	2016-10-18 19:02:50.583911067 +0200
+@@ -254,7 +254,7 @@
+ 		}
+ 	    }
+ 	    LOG(1, "SQL: ");
+-	    LOG(1, tmp);
++	    LOG(1, "%s", tmp);
+ 	    LOG(1, "\n");
+ 	    if (mysql_query(mdb, tmp)) {
+ 		if (mysql_errno(mdb) == ER_TABLE_EXISTS_ERROR) {
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/3store.git/commitdiff/d4760af2b3cf93efeb73f9912e44035d7386f025

More information about the pld-cvs-commit mailing list