[brasero] libbrasero-burn: Fix potential format string vulnerabilities



commit 12b7fc8ab2ea963c2381a7203865aa4835e1f5be
Author: Tobias Mueller <tobiasmue gnome org>
Date:   Tue Apr 13 00:18:31 2010 +0100

    libbrasero-burn: Fix potential format string vulnerabilities
    
    Several functions, e.g. gtk_message_dialog_format_secondary_text,
    g_set_error or gtk_message_dialog_new, expect a format string as their
    argument, so pass a proper, literal format string to them.
    Fixes bug 615601.

 libbrasero-burn/brasero-burn-options.c  |   10 +++++-----
 libbrasero-burn/brasero-burn.c          |   24 ++++++++++++------------
 libbrasero-burn/brasero-status-dialog.c |    3 +++
 3 files changed, 20 insertions(+), 17 deletions(-)
---
diff --git a/libbrasero-burn/brasero-burn-options.c b/libbrasero-burn/brasero-burn-options.c
index 10379a7..9e3b2cd 100644
--- a/libbrasero-burn/brasero-burn-options.c
+++ b/libbrasero-burn/brasero-burn-options.c
@@ -780,7 +780,6 @@ brasero_status_dialog_uri_has_image (BraseroTrackDataCfg *track,
 {
 	gint answer;
 	gchar *name;
-	gchar *string;
 	GtkWidget *button;
 	GtkWidget *dialog;
 	gboolean was_visible = FALSE;
@@ -802,10 +801,11 @@ brasero_status_dialog_uri_has_image (BraseroTrackDataCfg *track,
 	                          gtk_window_get_icon_name (GTK_WINDOW (self)));
 
 	name = brasero_utils_get_uri_name (uri);
-	/* Translators: %s is the name of the image */
-	string = g_strdup_printf (_("There is only one selected file (\"%s\"). It is the image of a disc and its contents can be burned."), name);
-	gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog), string);
-	g_free (string);
+	gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog),
+			/* Translators: %s is the name of the image */
+			_("There is only one selected file (\"%s\"). "
+			  "It is the image of a disc and its contents can be burned."),
+			name);
 	g_free (name);
 
 	gtk_dialog_add_button (GTK_DIALOG (dialog), _("Burn as _File"), GTK_RESPONSE_NO);
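Review bot: The only comment on the rewritten call is the translator note, so nothing records why `name` has to stay a separate argument. `name` is derived from the URI and must never be merged into the string that is used as the format. I would add a line above the call such as `/* name comes from the URI: pass it as an argument, never pre-format it into the format string */`. The translated text is now itself the format, so each catalogue entry has to keep exactly one `%s`; running `msgfmt --check-format` on the .po files covers that. The function body continues outside this hunk.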
diff --git a/libbrasero-burn/brasero-burn.c b/libbrasero-burn/brasero-burn.c
index da9c65b..e622d3c 100644
--- a/libbrasero-burn/brasero-burn.c
+++ b/libbrasero-burn/brasero-burn.c
@@ -540,7 +540,7 @@ brasero_burn_ask_for_dest_media (BraseroBurn *burn,
 			g_set_error (error,
 				     BRASERO_BURN_ERROR,
 				     BRASERO_BURN_ERROR_OUTPUT_NONE,
-				     _("No burner specified"));
+				     "%s", _("No burner specified"));
 			return BRASERO_BURN_ERR;
 		}
 	}
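Review bot: This `g_set_error` call now pushes a fixed message through `"%s"`, where `g_set_error_literal` would express the same thing with no format parsing at all: `g_set_error_literal (error, BRASERO_BURN_ERROR, BRASERO_BURN_ERROR_OUTPUT_NONE, _("No burner specified"));`. The same applies to the other eleven hunks in brasero-burn.c. It matters most at the `string->str` call in brasero_burn_check_session_consistency, the one site where the message is assembled at runtime. `g_set_error_literal` needs GLib 2.18 or later, so check the project's minimum version before switching. Building with `-Wformat -Wformat-security` should flag a non-literal format argument like the old `string->str` call if one is reintroduced.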
@@ -580,7 +580,7 @@ brasero_burn_lock_src_media (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("No source drive specified"));
+			     "%s", _("No source drive specified"));
 		return BRASERO_BURN_ERR;
 	}
 
@@ -672,7 +672,7 @@ brasero_burn_lock_rewritable_media (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_OUTPUT_NONE,
-			     _("No burner specified"));
+			     "%s", _("No burner specified"));
 		return BRASERO_BURN_NOT_SUPPORTED;
 	}
 
@@ -689,7 +689,7 @@ brasero_burn_lock_rewritable_media (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_MEDIUM_NOT_REWRITABLE,
-			     _("The drive has no rewriting capabilities"));
+			     "%s", _("The drive has no rewriting capabilities"));
 		return BRASERO_BURN_NOT_SUPPORTED;
 	}
 
@@ -755,7 +755,7 @@ brasero_burn_lock_dest_media (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_OUTPUT_NONE,
-			     _("No burner specified"));
+			     "%s", _("No burner specified"));
 		return BRASERO_BURN_ERR;
 	}
 
@@ -764,7 +764,7 @@ brasero_burn_lock_dest_media (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("The drive cannot burn"));
+			     "%s", _("The drive cannot burn"));
 		BRASERO_BURN_NOT_SUPPORTED_LOG (burn);
 	}
 
@@ -1750,7 +1750,7 @@ brasero_burn_check_session_consistency (BraseroBurn *burn,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("There is no track to burn"));
+			     "%s", _("There is no track to burn"));
 		return BRASERO_BURN_ERR;
 	}
 
@@ -1815,7 +1815,7 @@ brasero_burn_check_session_consistency (BraseroBurn *burn,
 				g_set_error (error,
 					     BRASERO_BURN_ERROR,
 					     BRASERO_BURN_ERROR_GENERAL,
-					     _("Merging data is impossible with this disc"));
+					     "%s", _("Merging data is impossible with this disc"));
 				return BRASERO_BURN_ERR;
 			}
 			/* No need to tell the user burnproof is not supported
@@ -1864,7 +1864,7 @@ brasero_burn_check_session_consistency (BraseroBurn *burn,
 			g_set_error (error,
 				     BRASERO_BURN_ERROR,
 				     BRASERO_BURN_ERROR_MISSING_APP_AND_PLUGIN,
-				     string->str);
+				     "%s", string->str);
 
 			g_string_free (string, TRUE);
 		}
@@ -2551,7 +2551,7 @@ brasero_burn_check (BraseroBurn *self,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("Only one track at a time can be checked"));
+			     "%s", _("Only one track at a time can be checked"));
 		return BRASERO_BURN_ERR;
 	}
 
@@ -2610,7 +2610,7 @@ brasero_burn_same_src_dest_image (BraseroBurn *self,
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("No format for the temporary image could be found"));
+			     "%s", _("No format for the temporary image could be found"));
 		return result;
 	}
 
@@ -2821,7 +2821,7 @@ end:
 		g_set_error (error,
 			     BRASERO_BURN_ERROR,
 			     BRASERO_BURN_ERROR_GENERAL,
-			     _("An internal error occurred"));
+			     "%s", _("An internal error occurred"));
 	}
 
 	if (result == BRASERO_BURN_CANCEL) {
diff --git a/libbrasero-burn/brasero-status-dialog.c b/libbrasero-burn/brasero-status-dialog.c
index 45eb761..3922aac 100644
--- a/libbrasero-burn/brasero-status-dialog.c
+++ b/libbrasero-burn/brasero-status-dialog.c
@@ -216,6 +216,7 @@ brasero_status_dialog_deep_directory_cb (BraseroTrackDataCfg *project,
 					  GTK_DIALOG_MODAL,
 					  GTK_MESSAGE_WARNING,
 					  GTK_BUTTONS_NONE,
+					  "%s",
 					  string);
 	g_free (string);
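Review bot: `string` is still allocated before the call and freed right after it, so the added `"%s"` only wraps a message that was formatted elsewhere; how it is built is outside this hunk. If it comes from a `g_strdup_printf` on a file or directory name, as the hunk in brasero-burn-options.c suggests, passing that format and its argument straight to `gtk_message_dialog_new` would drop the temporary and match the style used there. The same applies to the hunk in brasero_status_dialog_2G_file_cb. A short comment such as `/* string may contain a file name: never pass it as the format */` would record why the `"%s"` is there.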
 
@@ -277,6 +278,7 @@ brasero_status_dialog_2G_file_cb (BraseroTrackDataCfg *track,
 					  GTK_DIALOG_MODAL,
 					  GTK_MESSAGE_WARNING,
 					  GTK_BUTTONS_NONE,
+					  "%s",
 					  string);
 	g_free (string);
 
@@ -327,6 +329,7 @@ brasero_status_dialog_joliet_rename_cb (BraseroTrackData *track,
 					  GTK_DIALOG_MODAL,
 					  GTK_MESSAGE_WARNING,
 					  GTK_BUTTONS_NONE,
+					  "%s",
 					  _("Should files be renamed to be fully Windows-compatible?"));
 
 	if (gtk_window_get_icon_name (GTK_WINDOW (dialog)))


