1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
unzip: Fixing security formatting issues
Fix security formatting issues related to sprintf parameters expeted.
[YOCTO #9551]
[https://bugzilla.yoctoproject.org/show_bug.cgi?id=9551]
Upstream-Status: Pending
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
diff --git a/extract.c b/extract.c
index 7cd9123..25c5a62 100644
--- a/extract.c
+++ b/extract.c
@@ -475,7 +475,7 @@ int extract_or_test_files(__G) /* return PK-type error code */
Info(slide, 0x401, ((char *)slide,
LoadFarString(CentSigMsg), j + blknum*DIR_BLKSIZ + 1));
Info(slide, 0x401, ((char *)slide,
- LoadFarString(ReportMsg)));
+ "%s",LoadFarString(ReportMsg)));
error_in_archive = PK_BADERR;
}
reached_end = TRUE; /* ...so no more left to do */
@@ -754,8 +754,8 @@ int extract_or_test_files(__G) /* return PK-type error code */
#ifndef SFX
if (no_endsig_found) { /* just to make sure */
- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
- Info(slide, 0x401, ((char *)slide, LoadFarString(ReportMsg)));
+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(ReportMsg)));
if (!error_in_archive) /* don't overwrite stronger error */
error_in_archive = PK_WARN;
}
diff --git a/list.c b/list.c
index 15e0011..0b484f6 100644
--- a/list.c
+++ b/list.c
@@ -181,7 +181,7 @@ int list_files(__G) /* return PK-type error code */
Info(slide, 0x401,
((char *)slide, LoadFarString(CentSigMsg), j));
Info(slide, 0x401,
- ((char *)slide, LoadFarString(ReportMsg)));
+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
return PK_BADERR; /* sig not found */
}
}
@@ -507,7 +507,7 @@ int list_files(__G) /* return PK-type error code */
&& (!G.ecrec.is_zip64_archive)
&& (memcmp(G.sig, end_central_sig, 4) != 0)
) { /* just to make sure again */
- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
error_in_archive = PK_WARN; /* didn't find sig */
}
@@ -591,7 +591,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
Info(slide, 0x401,
((char *)slide, LoadFarString(CentSigMsg), j));
Info(slide, 0x401,
- ((char *)slide, LoadFarString(ReportMsg)));
+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
return PK_BADERR; /* sig not found */
}
}
@@ -674,7 +674,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
---------------------------------------------------------------------------*/
if (memcmp(G.sig, end_central_sig, 4)) { /* just to make sure again */
- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
error_in_archive = PK_WARN;
}
if (*nmember == 0L && error_in_archive <= PK_WARN)
diff --git a/zipinfo.c b/zipinfo.c
index 0ac75b3..1e7fa82 100644
--- a/zipinfo.c
+++ b/zipinfo.c
@@ -833,7 +833,7 @@ int zipinfo(__G) /* return PK-type error code */
Info(slide, 0x401,
((char *)slide, LoadFarString(CentSigMsg), j));
Info(slide, 0x401,
- ((char *)slide, LoadFarString(ReportMsg)));
+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
error_in_archive = PK_BADERR; /* sig not found */
break;
}
@@ -1022,7 +1022,7 @@ int zipinfo(__G) /* return PK-type error code */
&& (!G.ecrec.is_zip64_archive)
&& (memcmp(G.sig, end_central_sig, 4) != 0)
) { /* just to make sure again */
- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
error_in_archive = PK_WARN; /* didn't find sig */
}
|
