From: Kyle Robbertze <kyle@paddatrapper.com>
Date: Mon, 27 Jan 2020 11:02:02 +0200
Subject: Fix security issues using unformatted variables

Using format functions with unformatted variables may be a security
hole if the format string came from an untrusted input.
See https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
---
 src/common/logging.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/common/logging.cpp b/src/common/logging.cpp
index e3d247b..a9f6a72 100644
--- a/src/common/logging.cpp
+++ b/src/common/logging.cpp
@@ -36,12 +36,12 @@ void Log(int prio,const QString &msg)
 
   switch(global_log_to) {
   case LOG_TO_SYSLOG:
-    syslog(prio,sysmsg.toUtf8());
+    syslog(prio,"%s",(const char *)sysmsg.toUtf8());
     break;
 
   case LOG_TO_STDOUT:
     printf("ER %d %s\n",prio,(const char *)msg.toUtf8());
-    syslog(prio,sysmsg.toUtf8());
+    syslog(prio,"%s",(const char *)sysmsg.toUtf8());
     break;
 
   default: