Closed irssibot closed 10 years ago
irssi-0.8.16-format-security.patch
diff --git a/src/core/network.c b/src/core/network.c
index d7c1017..5954d1f 100644
--- a/src/core/network.c
+++ b/src/core/network.c
@@ -356,7 +356,7 @@ int net_receive(GIOChannel *handle, char *buf, int len)
status = g_io_channel_read_chars(handle, buf, len, &ret, &err);
if (err != NULL) {
- g_warning(err->message);
+ g_warning("%s", err->message);
g_error_free(err);
}
if (status == G_IO_STATUS_ERROR || status == G_IO_STATUS_EOF)
@@ -377,7 +377,7 @@ int net_transmit(GIOChannel *handle, const char *data, int len)
status = g_io_channel_write_chars(handle, (char *) data, len, &ret, &err);
if (err != NULL) {
- g_warning(err->message);
+ g_warning("%s", err->message);
g_error_free(err);
}
if (status == G_IO_STATUS_ERROR)
Your patch has been applied and will be included in the next release.
This can be good for users using GCC with hardened CFLAGS and also it is good practice of "defensive coding". For more details see Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1037139