Package: denemo / 0.9.2-3

format_error_strings.diff Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Description: This patch adds string literals
 to format error strings in the g_print function. This is required by
 -Werror=format-security to avoid format string attacks. This pacth
 was backported in order to be able to use security hardening build
 flags via dpkg-buildflags.

Origin: upstream, http://git.savannah.gnu.org/gitweb/?p=denemo.git;a=commitdiff;h=e17c5abd
Author: Jeremiah Benham <jjbenham@chicagoguitar.com>
Bug-Debian: http://bugs.debian.org/683563
Last-Update: 2012-08-02

--- a/src/print.c
+++ b/src/print.c
@@ -1210,10 +1210,10 @@
            
             gchar *mt = g_strdup_printf("%u", mtime);
             if(!gdk_pixbuf_save (pbN, thumbpathN, "png"/*type*/, &err, "tEXt::Thumb::URI", uri, "tEXt::Thumb::MTime", mt , NULL))
-              g_print(err->message);
+              g_print("%s",err->message);
             err = NULL;
             if(!gdk_pixbuf_save (pbL, thumbpathL, "png"/*type*/, &err, "tEXt::Thumb::URI", uri, "tEXt::Thumb::MTime", mt , NULL))
-              g_print(err->message);
+              g_print("%s",err->message);
 
               //FIXME do the pbN L need freeing???
             g_free(uri);