[garden] Fix format-security FTBFS.

[Jon Ciesla]

commit c28a4e9a9381976847d7e8577e007e0005745faf
Author: Jon Ciesla <limburgher at gmail.com>
Date:   Mon Feb 10 12:59:33 2014 -0600

    Fix format-security FTBFS.

 garden-printf-format.patch |   33 +++++++++++++++++++++++++++++++++
 garden.spec                |    7 ++++++-
 2 files changed, 39 insertions(+), 1 deletions(-)
---
diff --git a/garden-printf-format.patch b/garden-printf-format.patch
new file mode 100644
index 0000000..4d17340
--- /dev/null
+++ b/garden-printf-format.patch
@@ -0,0 +1,33 @@
+--- src/input.c~	2008-12-20 10:53:33.000000000 -0600
++++ src/input.c	2014-02-10 12:40:11.453063333 -0600
+@@ -1053,7 +1053,7 @@
+ 
+ 			msg = calibrate_joystick_name (0);
+ 
+-			textprintf_centre_ex (screen, font, 320, 170, -1, -1, msg);
++			textprintf_centre_ex (screen, font, 320, 170, -1, -1, "%s", msg);
+ 			textprintf_centre_ex (screen, font, 320, 200, -1, -1, "AND PRESS SPACE");
+ 
+ 			do
+--- src/menu.c~	2010-03-05 15:39:32.000000000 -0600
++++ src/menu.c	2014-02-10 12:46:45.951074196 -0600
+@@ -632,7 +632,7 @@
+ 	rectfill (display, 210, 200, 430, 250, COL_OUTLINE);
+ 	rect (display, 211, 201, 429, 249, COL_COL1);
+ 
+-	textprintf_centre_ex (display, font, 320, 222, -1, -1, ktext);
++	textprintf_centre_ex (display, font, 320, 222, -1, -1, "%s", ktext);
+ 
+ 	vsync ();
+ 	blit (display, screen, 0, 0, 0, 0, 640, 480);
+--- src/stuff.c~	2008-12-19 16:33:26.000000000 -0600
++++ src/stuff.c	2014-02-10 12:53:22.942085128 -0600
+@@ -199,7 +199,7 @@
+ void error_message_out (const char *errm)
+ {
+ 	set_gfx_mode (GFX_TEXT, 0, 0, 0, 0);
+-	allegro_message (errm);
++	allegro_message ("%s", errm);
+ 	exit (1);
+ }
+ 
diff --git a/garden.spec b/garden.spec
index ac4d3a4..c0865a1 100644
--- a/garden.spec
+++ b/garden.spec
@@ -1,6 +1,6 @@
 Name:           garden
 Version:        1.0.8
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        An innovative old-school 2D vertical shoot-em-up
 
 Group:          Amusements/Games
@@ -8,6 +8,7 @@ License:        GPLv3+
 URL:            http://garden.sourceforge.net/
 Source0:        http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 Patch0:         garden-dso.patch
+Patch1:         garden-printf-format.patch
 
 BuildRequires:  allegro-devel
 BuildRequires:  desktop-file-utils
@@ -27,6 +28,7 @@ you are dealing with a true piece of art...
 # patch for DSO-linking
 # https://sourceforge.net/tracker/?func=detail&aid=2982590&group_id=242667&atid=1121672
 %patch0 -p1 -b .dso
+%patch1 -p0 -b .format
 
 %build
 %configure 
@@ -60,6 +62,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_datadir}/applications/%{name}.desktop
 
 %changelog
+* Mon Feb 10 2014 Jonathan Ciesla <limburgher at gmail.com> - 1.0.8-9
+- Fix format-security FTBFS, BZ 1037077.
+
 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.8-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild