Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-gfx/gqview/files/gqview-2.1.5-format-security.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-gfx/gqview/files/gqview-2.1.5-format-security.patch')
-rw-r--r--media-gfx/gqview/files/gqview-2.1.5-format-security.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/media-gfx/gqview/files/gqview-2.1.5-format-security.patch b/media-gfx/gqview/files/gqview-2.1.5-format-security.patch
new file mode 100644
index 000000000000..baf88993a1f3
--- /dev/null
+++ b/media-gfx/gqview/files/gqview-2.1.5-format-security.patch
@@ -0,0 +1,56 @@
+Don't pass external input as format string. Detected by -Werror=format-security.
+
+https://bugs.gentoo.org/530630
+--- a/src/print.c
++++ b/src/print.c
+@@ -1220,7 +1220,7 @@ static void print_job_ps_page_image_pixel(FILE *f, guchar *pix)
+ }
+ text[6] = '\0';
+
+- fprintf(f, text);
++ fprintf(f, "%s", text);
+ }
+ static gint print_job_ps_page_image(PrintWindow *pw, GdkPixbuf *pixbuf,
+ gdouble x, gdouble y, gdouble w, gdouble h,
+@@ -1345,7 +1345,7 @@ static const gchar *ps_text_to_hex_array(FILE *f, const gchar *text, gdouble x,
+ text[1] = hex_digits[*p & 0xf];
+ text[2] = '\0';
+
+- fprintf(f, text);
++ fprintf(f, "%s", text);
+
+ p++;
+ }
+--- a/src/ui_fileops.c
++++ b/src/ui_fileops.c
+@@ -44,7 +44,7 @@ void print_term(const gchar *text_utf8)
+ gchar *text_l;
+
+ text_l = g_locale_from_utf8(text_utf8, -1, NULL, NULL, NULL);
+- printf((text_l) ? text_l : text_utf8);
++ printf("%s", (text_l) ? text_l : text_utf8);
+ g_free(text_l);
+ }
+
+--- a/src/view_file_icon.c
++++ b/src/view_file_icon.c
+@@ -614,7 +614,7 @@ static void vficon_dnd_get(GtkWidget *widget, GdkDragContext *context,
+ uri_text = uri_text_from_list(list, &total, (info == TARGET_TEXT_PLAIN));
+ path_list_free(list);
+
+- if (debug) printf(uri_text);
++ if (debug) printf("%s", uri_text);
+
+ gtk_selection_data_set(selection_data, selection_data->target,
+ 8, (guchar *)uri_text, total);
+--- a/src/view_file_list.c
++++ b/src/view_file_list.c
+@@ -136,7 +136,7 @@ static void vflist_dnd_get(GtkWidget *widget, GdkDragContext *context,
+ uri_text = uri_text_from_list(list, &total, (info == TARGET_TEXT_PLAIN));
+ path_list_free(list);
+
+- if (debug) printf(uri_text);
++ if (debug) printf("%s", uri_text);
+
+ gtk_selection_data_set(selection_data, selection_data->target,
+ 8, (guchar *)uri_text, total);