Re: [Nautilus-list] Format string vulnerabilities in gnome-db2html2

On 16 Feb 2001 14:49:34 +0000, Richard Boulton wrote:
> I got a few segmentation faults from gnome-db2html2, and have traced them
> to occurences of the '%' character in my documentation.  Looking at the
> code, there are multiple format string problems, in the form of
> sect_print() being called with a user-specified string as its second
> argument, which is then passed to printf (actually g_strdup_vprintf).
> I attach a patch which fixes these problems, and now I can actually
> generate the gstreamer documentation. :)  This patch is combined with the
> previous patch I posted half an hour ago, but shouldn't be at all confusing
> to examine.
> I have CVS write access; if you okay it, I would be happy to commit this
> patch and the previous patch.

Please go ahead and commit then :)

Don't forget to write a ChangeLog entry though, and list me in the
'Reviewed By:' section.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]