[xarchiver] Fix FTBFS with -Werror=format-security (#1037390, #1107209)

Yaakov Selkowitz yselkowitz at fedoraproject.org
Tue Jul 8 03:15:51 UTC 2014 

commit db50674a02dcbfa98a5d6b714068ea7289aa6ea1
Author: Yaakov Selkowitz <yselkowi at redhat.com>
Date:   Thu Jun 19 11:23:39 2014 -0500

    Fix FTBFS with -Werror=format-security (#1037390, #1107209)

 xarchiver-0.5.2-format-security.patch |   23 +++++++++++++++++++++++
 xarchiver.spec                        |    8 +++++++-
 2 files changed, 30 insertions(+), 1 deletions(-)
---
diff --git a/xarchiver-0.5.2-format-security.patch b/xarchiver-0.5.2-format-security.patch
new file mode 100644
index 0000000..d1ae516
--- /dev/null
+++ b/xarchiver-0.5.2-format-security.patch
@@ -0,0 +1,23 @@
+--- a/src/window.c
++++ b/src/window.c
+@@ -231,9 +231,9 @@ int xa_show_message_dialog (GtkWindow *window,int mode,int type,int button,const
+ {
+ 	int response;
+ 
+-	dialog = gtk_message_dialog_new (window,mode,type,button,message1);
++	dialog = gtk_message_dialog_new (window,mode,type,button,"%s",message1);
+ 	gtk_dialog_set_default_response (GTK_DIALOG (dialog),GTK_RESPONSE_NO);
+-	gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog),message2);
++	gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog),"%s",message2);
+ 	response = gtk_dialog_run (GTK_DIALOG (dialog));
+ 	gtk_widget_destroy (GTK_WIDGET (dialog));
+ 	return response;
+@@ -509,7 +509,7 @@ void xa_list_archive (GtkMenuItem *menuitem,gpointer data)
+ 			g_fprintf (stream,_("Comment:\n"));
+ 			if (bp)
+ 				g_fprintf(stream,"</b><pre>");
+-			g_fprintf (stream,archive[idx]->comment->str);
++			g_fprintf (stream,"%s",archive[idx]->comment->str);
+ 			if (bp)
+ 				g_fprintf(stream,"</pre>");
+ 			g_fprintf (stream,"\n");
diff --git a/xarchiver.spec b/xarchiver.spec
index 4119b09..f3a1711 100644
--- a/xarchiver.spec
+++ b/xarchiver.spec
@@ -1,6 +1,6 @@
 Name:           xarchiver
 Version:        0.5.2
-Release:        19%{?dist}
+Release:        20%{?dist}
 Summary:        Archive manager for Xfce
 
 Group:          Applications/Archiving
@@ -29,6 +29,8 @@ Patch4:         xarchiver-0.5.2-segfault-open-with.patch
 Patch5:         xarchiver-0.5.2-fix_7z_support.patch
 # rhbz#784075 - extraction fails when the Drag'n'Drop target path contains spaces
 Patch6:         xarchiver-0.5.2-drag-n-drop_escaped_path.patch
+# -Werror=format-security
+Patch7:         xarchiver-0.5.2-format-security.patch
 
 BuildRequires:  gtk2-devel, libxml2-devel, gettext, desktop-file-utils
 BuildRequires:  xfce4-dev-tools >= 4.3.90.2
@@ -57,6 +59,7 @@ chmod -x src/mime.*
 %patch4 -p1 -b .segfault-open-with
 %patch5 -p1 -b .fix_7z_support
 %patch6 -p1 -b .dnd_escaped_path
+%patch7 -p1 -b .formatsec
 
 %build
 autoreconf -vif
@@ -123,6 +126,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 
 
 %changelog
+* Thu Jun 19 2014 Yaakov Selkowitz <yselkowi at redhat.com> - 0.5.2-20
+- Fix FTBFS with -Werror=format-security (#1037390, #1107209)
+
 * Sun Jun 08 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.5.2-19
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

More information about the scm-commits mailing list