[PINENTRY PATCH] Fix format string errors in fltk pinentry
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Feb 6 02:44:51 CET 2018
if the mesage in question had formatting escape chars, this might be
able to cause a crash (or worse) in the pinentry.
Gbp-Pq: Name 0003-Fix-format-string-errors-in-fltk-pinentry.patch
---
fltk/main.cxx | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fltk/main.cxx b/fltk/main.cxx
index 8e7e726..5d226ed 100644
--- a/fltk/main.cxx
+++ b/fltk/main.cxx
@@ -241,12 +241,12 @@ static int fltk_cmd_handler(pinentry_t pe)
if (pe->one_button)
{
fl_ok = ok.c_str();
- fl_message(message);
+ fl_message("%s", message);
result = 1; // OK
}
else if (pe->notok)
{
- switch (fl_choice(message, ok.c_str(), cancel.c_str(), pe->notok))
+ switch (fl_choice("%s", ok.c_str(), cancel.c_str(), pe->notok, message))
{
case 0: result = 1; break;
case 2: result = 0; break;
@@ -256,7 +256,7 @@ static int fltk_cmd_handler(pinentry_t pe)
}
else
{
- switch (fl_choice(message, ok.c_str(), cancel.c_str(), NULL))
+ switch (fl_choice("%s", ok.c_str(), cancel.c_str(), NULL, message))
{
case 0: result = 1; break;
default:
--
2.15.1
More information about the Gnupg-devel
mailing list