cdrdao/cdrdao-1.2.3-format_security.patch

58 lines
2.1 KiB
Diff
Raw Normal View History

diff -up wrk/pccts/antlr/fset2.c.wrk wrk/pccts/antlr/fset2.c
--- wrk/pccts/antlr/fset2.c.wrk 2013-12-05 11:33:33.561962126 +0100
+++ wrk/pccts/antlr/fset2.c 2013-12-05 11:33:52.009105807 +0100
@@ -2210,7 +2210,7 @@ void MR_backTraceReport()
if (p->ntype != nToken) continue;
tn=(TokNode *)p;
if (depth != 0) fprintf(stdout," ");
- fprintf(stdout,TerminalString(tn->token));
+ fprintf(stdout,"%s",TerminalString(tn->token));
depth++;
if (! MR_AmbAidMultiple) {
if (set_nil(tn->tset)) {
diff -up wrk/pccts/antlr/gen.c.wrk wrk/pccts/antlr/gen.c
--- wrk/pccts/antlr/gen.c.wrk 2013-12-05 11:26:36.384714088 +0100
+++ wrk/pccts/antlr/gen.c 2013-12-05 11:29:41.894158536 +0100
@@ -3866,7 +3866,7 @@ int file;
/* MR10 */ _gen(" * ");
/* MR10 */ for (i=0 ; i < Save_argc ; i++) {
/* MR10 */ _gen(" ");
-/* MR10 */ _gen(Save_argv[i]);
+/* MR10 */ _gen1("%s",Save_argv[i]);
/* MR10 */ };
_gen("\n");
_gen(" *\n");
diff -up wrk/pccts/antlr/lex.c.wrk wrk/pccts/antlr/lex.c
--- wrk/pccts/antlr/lex.c.wrk 2013-12-05 11:15:51.912722340 +0100
+++ wrk/pccts/antlr/lex.c 2013-12-05 11:19:04.039210441 +0100
@@ -706,7 +706,7 @@ FILE *output;
/* MR26 */ if (! (isalpha(*t) || isdigit(*t) || *t == '_' || *t == '$')) break;
/* MR26 */ }
/* MR26 */ }
-/* MR26 */ fprintf(output,strBetween(pSymbol, t, pSeparator));
+/* MR26 */ fprintf(output,"%s",strBetween(pSymbol, t, pSeparator));
*q = p;
return (*pSeparator == 0);
@@ -771,7 +771,7 @@ FILE *f;
&pValue,
&pSeparator,
&nest);
- fprintf(f,strBetween(pDataType, pSymbol, pSeparator));
+ fprintf(f,"%s",strBetween(pDataType, pSymbol, pSeparator));
}
/* check to see if string e is a word in string s */
@@ -852,9 +852,9 @@ int i;
&pSeparator,
&nest);
fprintf(f,"\t");
- fprintf(f,strBetween(pDataType, pSymbol, pSeparator));
+ fprintf(f,"%s",strBetween(pDataType, pSymbol, pSeparator));
fprintf(f," ");
- fprintf(f,strBetween(pSymbol, pEqualSign, pSeparator));
+ fprintf(f,"%s",strBetween(pSymbol, pEqualSign, pSeparator));
fprintf(f,";\n");
}
fprintf(f,"};\n");