[bwm-ng] Fix GCC format security check issue(Thanks to Dhiru Kholia).
Christopher Meng
cicku at fedoraproject.org
Fri Jan 24 08:18:24 UTC 2014
commit a633ba34a41f2c5d243744ca7c506ebdabe597d9
Author: Christopher Meng <i at cicku.me>
Date: Fri Jan 24 16:17:57 2014 +0800
Fix GCC format security check issue(Thanks to Dhiru Kholia).
bwm-ng-0.6-format-security.patch | 22 ++++++++++++++++++++++
bwm-ng.spec | 11 ++++++++---
2 files changed, 30 insertions(+), 3 deletions(-)
---
diff --git a/bwm-ng-0.6-format-security.patch b/bwm-ng-0.6-format-security.patch
new file mode 100644
index 0000000..89a67bb
--- /dev/null
+++ b/bwm-ng-0.6-format-security.patch
@@ -0,0 +1,22 @@
+--- a/src/output.c
++++ a/src/output.c
+@@ -223,8 +223,8 @@ int print_header(int option) {
+ fprintf(tmp_out_file,"<title>bwm-ng stats</title>\n</head>\n<body>\n");
+ }
+ fprintf(tmp_out_file,"<div class=\"bwm-ng-header\">bwm-ng bwm-ng v" VERSION " (refresh %is); input: ",html_refresh);
+- fprintf(tmp_out_file,input2str());
+- fprintf(tmp_out_file,show_all_if2str());
++ fprintf(tmp_out_file,"%s",input2str());
++ fprintf(tmp_out_file,"%s",show_all_if2str());
+ fprintf(tmp_out_file,"</div><table class=\"bwm-ng-output\">");
+ fprintf(tmp_out_file,"<tr class=\"bwm-ng-head\"><td class=\"bwm-ng-name\">Interface</td><td>Rx</td><td>Tx</td><td>Total</td></tr>");
+ break;
+@@ -234,7 +234,7 @@ int print_header(int option) {
+ if (output_method==PLAIN_OUT && ansi_output) printf("\033[1;2H");
+ printf("bwm-ng v" VERSION " (delay %2.3fs); ",(float)delay/1000);
+ if (output_method==PLAIN_OUT) printf("press 'ctrl-c' to end this%s",(ansi_output ? "\033[2;2H" : "")); else printf("input: ");
+- printf(input2str());
++ printf("%s", input2str());
+ printf("%s\n",show_all_if2str());
+ if (output_method==PLAIN_OUT) {
+ if (ansi_output)
diff --git a/bwm-ng.spec b/bwm-ng.spec
index 01134da..751c756 100644
--- a/bwm-ng.spec
+++ b/bwm-ng.spec
@@ -1,15 +1,16 @@
Name: bwm-ng
Version: 0.6
-Release: 13%{?dist}
+Release: 14%{?dist}
Summary: Bandwidth Monitor NG
License: GPLv2+
URL: http://www.volker-gropp.de/?id=projects&sub=bwm-ng
Source0: http://www.volker-gropp.de/bwm-ng/%{name}-%{version}.tar.gz
Source1: bwm-ng.conf
-Requires: hostname
-Requires: procps
+Patch0: bwm-ng-0.6-format-security.patch
BuildRequires: libstatgrab-devel
BuildRequires: ncurses-devel
+Requires: hostname
+Requires: procps
%description
A small and simple console-based live network and disk io bandwidth monitor.
@@ -26,6 +27,7 @@ Features:
%prep
%setup -q
+%patch0 -p1
%build
%configure --enable-64bit \
@@ -54,6 +56,9 @@ install -pDm644 bwm-ng.1 %{buildroot}%{_mandir}/man1/bwm-ng.1
%{_mandir}/man1/bwm-ng.1*
%changelog
+* Fri Jan 03 2014 Christopher Meng <rpm at cicku.me> - 0.6-14
+- Fix gcc dumb security check issue.
+
* Sun Oct 13 2013 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.6-13
- Fix spec-file corruption caused by previous patch.
- Rebuild for libstatgrab.
More information about the scm-commits
mailing list