Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 1 | zip: Fixing security formatting issues |
| 2 | |
| 3 | Fix security formatting issues related to printing without NULL argument |
| 4 | |
| 5 | zip.c: In function 'help_extended': |
| 6 | zip.c:1031:5: error: format not a string literal and no format arguments [-Werror=format-security] |
| 7 | printf(text[i]); |
| 8 | ^ |
| 9 | zip.c: In function 'version_info': |
| 10 | zip.c:1228:5: error: format not a string literal and no format arguments [-Werror=format-security] |
| 11 | printf(cryptnote[i]); |
| 12 | ^ |
| 13 | |
| 14 | [YOCTO #9552] |
| 15 | [https://bugzilla.yoctoproject.org/show_bug.cgi?id=9552] |
| 16 | |
Andrew Geissler | 78b7279 | 2022-06-14 06:47:25 -0500 | [diff] [blame] | 17 | Upstream-Status: Inactive-Upstream [need a new release] |
Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 18 | |
| 19 | Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com> |
| 20 | |
| 21 | diff --git a/zip.c b/zip.c |
| 22 | index 439821f..d7da768 100644 |
| 23 | --- a/zip.c |
| 24 | +++ b/zip.c |
| 25 | @@ -1028,7 +1028,7 @@ local void help_extended() |
| 26 | |
| 27 | for (i = 0; i < sizeof(text)/sizeof(char *); i++) |
| 28 | { |
| 29 | - printf(text[i]); |
| 30 | + fputs(text[i],stdout); |
| 31 | putchar('\n'); |
| 32 | } |
| 33 | #ifdef DOS |
| 34 | @@ -1225,7 +1225,7 @@ local void version_info() |
| 35 | CR_MAJORVER, CR_MINORVER, CR_BETA_VER, CR_VERSION_DATE); |
| 36 | for (i = 0; i < sizeof(cryptnote)/sizeof(char *); i++) |
| 37 | { |
| 38 | - printf(cryptnote[i]); |
| 39 | + fputs(cryptnote[i],stdout); |
| 40 | putchar('\n'); |
| 41 | } |
| 42 | ++i; /* crypt support means there IS at least one compilation option */ |