1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
Author: Ole Streicher <debian@liska.ath.cx>
Description: Fix format security errors
--- a/src/catout.c
+++ b/src/catout.c
@@ -999,7 +999,7 @@
break;
case ASCII_SKYCAT:
- fprintf(ascfile, skycattail);
+ fprintf(ascfile, "%s", skycattail);
if (!prefs.pipe_flag)
fclose(ascfile);
break;
--- a/src/xml.c
+++ b/src/xml.c
@@ -696,7 +696,7 @@
name, ucd);
break;
case P_STRING:
- sprintf(value, (char *)key[i].ptr);
+ sprintf(value, "%s", (char *)key[i].ptr);
fprintf(file, " <PARAM name=\"%s\" datatype=\"char\" arraysize=\"*\""
" ucd=\"%s\" value=\"%s\"/>\n",
name, ucd, *value? value: " ");
@@ -705,13 +705,13 @@
n = *(key[i].nlistptr);
if (n)
{
- sprintf(value, ((char **)key[i].ptr)[0]);
+ sprintf(value, "%s", ((char **)key[i].ptr)[0]);
fprintf(file, " <PARAM name=\"%s\" datatype=\"char\""
" arraysize=\"*\" ucd=\"%s\" value=\"%s",
name, ucd, *value? value: " ");
for (j=1; j<n; j++)
{
- sprintf(value, ((char **)key[i].ptr)[j]);
+ sprintf(value, "%s", ((char **)key[i].ptr)[j]);
fprintf(file, ",%s", *value? value: " ");
}
fprintf(file, "\"/>\n");
@@ -722,7 +722,7 @@
name, ucd);
break;
case P_KEY:
- sprintf(value, key[i].keylist[*((int *)key[i].ptr)]);
+ sprintf(value, "%s", key[i].keylist[*((int *)key[i].ptr)]);
fprintf(file, " <PARAM name=\"%s\" datatype=\"char\" arraysize=\"*\""
" ucd=\"%s\" value=\"%s\"/>\n",
name, ucd, value);
@@ -731,13 +731,13 @@
n = *(key[i].nlistptr);
if (n)
{
- sprintf(value, key[i].keylist[((int *)key[i].ptr)[0]]);
+ sprintf(value, "%s", key[i].keylist[((int *)key[i].ptr)[0]]);
fprintf(file, " <PARAM name=\"%s\" datatype=\"char\""
" arraysize=\"*\" ucd=\"%s\" value=\"%s",
name, ucd, value);
for (j=1; j<n; j++)
{
- sprintf(value, key[i].keylist[((int *)key[i].ptr)[j]]);
+ sprintf(value, "%s", key[i].keylist[((int *)key[i].ptr)[j]]);
fprintf(file, ",%s", value);
}
fprintf(file, "\"/>\n");
|