[glade] gladeui: fix a pair of printf security problems



commit 259e506606f1804953182d1c1279c799ee10aede
Author: Ryan Lortie <desrt desrt ca>
Date:   Sat Dec 21 11:03:17 2013 -0500

    gladeui: fix a pair of printf security problems
    
    In two cases, gladeui was doing the equivalent of
    
      printf (var);
    
    instead of the correct (and safe):
    
      printf ("%s", var);
    
    This was caught by clang's pedantic treatment of non-literal format
    strings forcing me to add G_GNUC_PRINTF attributes to functions
    operating on format strings (which in turn caught the problem).  Those
    changes are also included here.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=720883

 gladeui/glade-command.c |    2 +-
 gladeui/glade-command.h |    2 +-
 gladeui/glade-project.c |    2 +-
 gladeui/glade-utils.h   |    6 ++++--
 4 files changed, 7 insertions(+), 5 deletions(-)
---
diff --git a/gladeui/glade-command.c b/gladeui/glade-command.c
index 4ea5fc9..4803497 100644
--- a/gladeui/glade-command.c
+++ b/gladeui/glade-command.c
@@ -866,7 +866,7 @@ glade_command_set_properties_list (GladeProject *project, GList *props)
 
   multiple = g_list_length (me->sdata) > 1;
   if (multiple)
-    glade_command_push_group (cmd->priv->description);
+    glade_command_push_group ("%s", cmd->priv->description);
 
   glade_command_check_group (GLADE_COMMAND (me));
 
diff --git a/gladeui/glade-command.h b/gladeui/glade-command.h
index 35ac236..44a5f09 100644
--- a/gladeui/glade-command.h
+++ b/gladeui/glade-command.h
@@ -66,7 +66,7 @@ struct _GladeCommandClass
 GType                 glade_command_get_type             (void);
 
 void                  glade_command_push_group           (const gchar       *fmt,
-                                                         ...);
+                                                         ...) G_GNUC_PRINTF (1, 2);
 void                  glade_command_pop_group            (void);
 gint                  glade_command_get_group_depth      (void);
 
diff --git a/gladeui/glade-project.c b/gladeui/glade-project.c
index 9e7e980..53b27bc 100644
--- a/gladeui/glade-project.c
+++ b/gladeui/glade-project.c
@@ -2023,7 +2023,7 @@ glade_project_load_internal (GladeProject *project)
 
       if (message)
         {
-          glade_util_ui_message (glade_app_get_window (), GLADE_UI_ERROR, NULL, message);
+          glade_util_ui_message (glade_app_get_window (), GLADE_UI_ERROR, NULL, "%s", message);
           g_free (message);
         }
       else
diff --git a/gladeui/glade-utils.h b/gladeui/glade-utils.h
index 2eb7d9b..ca02a5b 100644
--- a/gladeui/glade-utils.h
+++ b/gladeui/glade-utils.h
@@ -28,11 +28,13 @@ typedef enum
 gboolean          glade_util_ui_message           (GtkWidget *parent, 
                                                   GladeUIMessageType type,
                                                   GtkWidget *widget,
-                                                  const gchar *format, ...);
+                                                  const gchar *format,
+                                                   ...) G_GNUC_PRINTF (4, 5);
 
 void             glade_util_flash_message      (GtkWidget *statusbar, 
                                                 guint context_id,
-                                                gchar *format, ...);
+                                                gchar *format,
+                                                 ...) G_GNUC_PRINTF (3, 4);
 gboolean          glade_util_url_show              (const gchar *url);
 GtkWidget        *glade_util_file_dialog_new (const gchar *title,
                                              GladeProject *project,

