diff options
| author | Kees Cook <kees@outflux.net> | 2007-03-20 17:16:36 +0000 |
|---|---|---|
| committer | keescook <keescook@users.sourceforge.net> | 2007-03-20 17:16:36 +0000 |
| commit | 4687a1c9ffe0d1d3f6ea01f360faa542a5b6491c (patch) | |
| tree | 734a4d35a4e7b90593ae86a6c9006e58ce23d7d1 /src/pedro/pedrogui.cpp | |
| parent | patch by cilix42 for bug 1671665 (diff) | |
| download | inkscape-4687a1c9ffe0d1d3f6ea01f360faa542a5b6491c.tar.gz inkscape-4687a1c9ffe0d1d3f6ea01f360faa542a5b6491c.zip | |
format string protection/clean up (CVE-2007-1463, CVE-2007-1464)
(bzr r2720)
Diffstat (limited to 'src/pedro/pedrogui.cpp')
| -rw-r--r-- | src/pedro/pedrogui.cpp | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/src/pedro/pedrogui.cpp b/src/pedro/pedrogui.cpp index 6bdbe3422..38c66b407 100644 --- a/src/pedro/pedrogui.cpp +++ b/src/pedro/pedrogui.cpp @@ -1992,24 +1992,26 @@ void PedroGui::error(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - Gtk::MessageDialog dlg(writeBuf, + Gtk::MessageDialog dlg(buffer, false, Gtk::MESSAGE_ERROR, Gtk::BUTTONS_OK, true); dlg.run(); + g_free(buffer); } void PedroGui::status(const char *fmt, ...) { va_list args; va_start(args, fmt); - vsnprintf(writeBuf, writeBufLen, fmt, args); + gchar * buffer = g_strdup_vprintf(fmt, args); va_end(args) ; - messageList.postMessage("STATUS", writeBuf); + messageList.postMessage("STATUS", buffer); + g_free(buffer); } //################################ @@ -2227,13 +2229,13 @@ void PedroGui::doEvent(const XmppEvent &event) case XmppEvent::EVENT_STATUS: { //printf("##### STATUS: %s\n", event.getData().c_str()); - status(event.getData().c_str()); + status("%s", event.getData().c_str()); break; } case XmppEvent::EVENT_ERROR: { //printf("##### ERROR: %s\n", event.getData().c_str()); - error(event.getData().c_str()); + error("%s", event.getData().c_str()); padlockDisable(); break; } |