mirror of
https://anongit.gentoo.org/git/repo/gentoo.git
synced 2025-06-09 06:35:19 +02:00
d15eae1e2a
This fixes two compiler warnings about possible format string risks and missing function definitions that will cause errors in clang 16. Closes: https://bugs.gentoo.org/521266 Closes: https://bugs.gentoo.org/874960 Closes: https://github.com/gentoo/gentoo/pull/28420 Signed-off-by: Hanno Böck <hanno@gentoo.org>
24 lines
907 B
Diff
24 lines
907 B
Diff
Description: Fix potential security issue (arbitrary string being passed
|
|
as a format string to fprintf).
|
|
Author: Andrew Shadura <andrewsh@debian.org>
|
|
|
|
--- a/unix/uuenview.c
|
|
+++ b/unix/uuenview.c
|
|
@@ -310,7 +310,7 @@ SendMkCommand (char **rcptlist, char *to
|
|
}
|
|
|
|
if ((*rcptlist = (char *) malloc (strlen (towhom) + 16)) == NULL) {
|
|
- fprintf (stderr, "error: Out of memory allocating %d bytes\n",
|
|
+ fprintf (stderr, "error: Out of memory allocating %zd bytes\n",
|
|
strlen (towhom)+16);
|
|
_FP_free (command);
|
|
return NULL;
|
|
@@ -483,7 +483,7 @@ AttachFiles (char *towhom, char *subject
|
|
if (_FP_stristr (input, "multipart") != NULL) {
|
|
/* it is already a multipart posting. grab the boundary */
|
|
if ((ptr = _FP_stristr (input, "boundary=")) != NULL) {
|
|
- fprintf(thepipe, input);
|
|
+ fprintf(thepipe, "%s", input);
|
|
strcpy (boundary, ParseValue (ptr));
|
|
hadmulti = 1;
|
|
}
|