From 4687a1c9ffe0d1d3f6ea01f360faa542a5b6491c Mon Sep 17 00:00:00 2001
From: Kees Cook <kees@outflux.net>
Date: Tue, 20 Mar 2007 17:16:36 +0000
Subject: format string protection/clean up (CVE-2007-1463, CVE-2007-1464)

(bzr r2720)
---
 src/interface.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/interface.cpp')

diff --git a/src/interface.cpp b/src/interface.cpp
index dad1146c0..c7608f53a 100644
--- a/src/interface.cpp
+++ b/src/interface.cpp
@@ -1247,7 +1247,7 @@ sp_ui_error_dialog(gchar const *message)
     gchar *safeMsg = Inkscape::IO::sanitizeString(message);
 
     dlg = gtk_message_dialog_new(NULL, GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR,
-                                 GTK_BUTTONS_CLOSE, safeMsg);
+                                 GTK_BUTTONS_CLOSE, "%s", safeMsg);
     sp_transientize(dlg);
     gtk_window_set_resizable(GTK_WINDOW(dlg), FALSE);
     gtk_dialog_run(GTK_DIALOG(dlg));
-- 
cgit v1.2.3