Description: Use %s as a formatting string to
compile with -Werror=format-security for hardening purposes
Bug-Debian: https://bugs.debian.org/752587
Bug: https://rt.cpan.org/Public/Bug/Display.html?id=78308
Author: Julián Moreno Patiño <julian@debian.org>
--- a/Tcl.xs
+++ b/Tcl.xs
@@ -1056,7 +1056,7 @@
/* sv_mortalcopy here prevents stringifying script - necessary ?? */
cscript = SvPV(sv_mortalcopy(script), length);
if (Tcl_EvalEx(interp, cscript, length, flags) != TCL_OK) {
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
}
prepare_Tcl_result(aTHX_ interp, "Tcl::Eval");
SPAGAIN;
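Review bot: The line `croak("%s", Tcl_GetStringResult(interp));` now appears six times (here and in the hunks at 1119, 1144, 1278, 1345 and 1420), with nothing at any call site saying why the literal format is required. The interpreter result is built from whatever the evaluated script or command produced, so it has to reach croak() as data and never as the format argument; a comment such as `/* Tcl result is not a trusted format string: always pass it through "%s" */` would keep a later cleanup from reverting this. A single file-local macro, for example `#define CROAK_TCL_RESULT(interp) croak("%s", Tcl_GetStringResult(interp))`, would keep the safe form in one place. The enclosing XSUB bodies start and end outside these hunks, so any other croak or warn call that takes a non-literal format is not visible here and is worth a grep of Tcl.xs.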
@@ -1119,7 +1119,7 @@
PUTBACK;
Tcl_ResetResult(interp);
if (Tcl_EvalFile(interp, filename) != TCL_OK) {
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
}
prepare_Tcl_result(aTHX_ interp, "Tcl::EvalFile");
SPAGAIN;
@@ -1144,7 +1144,7 @@
{
Tcl_ResetResult(interp);
if (Tcl_Eval(interp, s) != TCL_OK)
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
append = 0;
}
}
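Review bot: The `if (Tcl_Eval(interp, s) != TCL_OK)` guard at 1144 is the only one of the six patched sites written without braces, so the croak is a lone unbraced statement directly above `append = 0;`. Bracing it as the other sites do, `if (Tcl_Eval(interp, s) != TCL_OK) { croak("%s", Tcl_GetStringResult(interp)); }`, keeps a statement added to the error path later from silently running on the success path as well. The surrounding block opens and closes outside the hunk.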
@@ -1278,7 +1278,7 @@
}
if (result != TCL_OK) {
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
}
prepare_Tcl_result(aTHX_ interp, "Tcl::invoke");
@@ -1345,7 +1345,7 @@
}
if (result != TCL_OK) {
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
}
prepare_Tcl_result(aTHX_ interp, "Tcl::icall");
@@ -1420,7 +1420,7 @@
CODE:
if (!initialized) { return; }
if (tclKit_AppInit(interp) != TCL_OK) {
- croak(Tcl_GetStringResult(interp));
+ croak("%s", Tcl_GetStringResult(interp));
}
#ifdef HAVE_DDEINIT
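Review bot: The early exit `if (!initialized) { return; }` in this CODE: section leaves the XSUB through a bare `return`, which skips the stack adjustment that xsubpp emits at the end of the body. If the XSUB is declared void (its declaration is above the hunk, so this is an assumption), `if (!initialized) { XSRETURN_EMPTY; }` returns an empty list explicitly instead of leaving the arguments on the Perl stack. That line is context the patch does not touch, so the fix may belong in a separate change.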