This removes a bug where the error message is substituted with the format string and, by using vsnprintf, also possibly exploitable buffer overflows in the creation of the error string.
The bug is reproducible simply by generating some error, and you'll get printed the format string instead of the result, so something like this:
ERROR: Enrollment failed (code=8,native=0,subsystem=0): Invalid header %s value %s found in response
This removes a bug where the error message is substituted with the format string and, by using vsnprintf, also possibly exploitable buffer overflows in the creation of the error string.
The bug is reproducible simply by generating some error, and you'll get printed the format string instead of the result, so something like this: