rev |
line source |
al@19715
|
1 Patch by Guillem Jover <guillem@debian.org> for arj <= 3.10.22, which
|
al@19715
|
2 fixes format security errors.
|
al@19715
|
3
|
al@19715
|
4 ---
|
al@19715
|
5 arj_arcv.c | 12 ++++++------
|
al@19715
|
6 arj_user.c | 8 ++++----
|
al@19715
|
7 arjdisp.c | 58 ++++++++++++++++++++++++++++------------------------------
|
al@19715
|
8 arjsfx.c | 2 +-
|
al@19715
|
9 fardata.c | 10 +++++-----
|
al@19715
|
10 rearj.c | 2 +-
|
al@19715
|
11 register.c | 2 +-
|
al@19715
|
12 7 files changed, 46 insertions(+), 48 deletions(-)
|
al@19715
|
13
|
al@19715
|
14 --- a/fardata.c
|
al@19715
|
15 +++ b/fardata.c
|
al@19715
|
16 @@ -52,7 +52,7 @@ int error_proc(FMSG *errmsg, ...)
|
al@19715
|
17 /* Check if the message could have a standard error code */
|
al@19715
|
18 if(errno!=0&&is_std_error(errmsg))
|
al@19715
|
19 {
|
al@19715
|
20 - msg_cprintf(0, lf);
|
al@19715
|
21 + msg_cprintf(0, "\n");
|
al@19715
|
22 error_report();
|
al@19715
|
23 }
|
al@19715
|
24 #endif
|
al@19715
|
25 @@ -379,10 +379,10 @@ static void flush_cbuf(int ccode, char *
|
al@19715
|
26 {
|
al@19715
|
27 #if SFX_LEVEL>=ARJSFXV
|
al@19715
|
28 fprintf(new_stdout, strform, n_text);
|
al@19715
|
29 - fprintf(new_stdout, lf);
|
al@19715
|
30 + fprintf(new_stdout, "\n");
|
al@19715
|
31 #else
|
al@19715
|
32 printf(strform, n_text);
|
al@19715
|
33 - printf(lf);
|
al@19715
|
34 + printf("\n");
|
al@19715
|
35 #endif
|
al@19715
|
36 }
|
al@19715
|
37 else
|
al@19715
|
38 @@ -393,13 +393,13 @@ static void flush_cbuf(int ccode, char *
|
al@19715
|
39 #ifdef NEED_CRLF
|
al@19715
|
40 scr_out("\r");
|
al@19715
|
41 #endif
|
al@19715
|
42 - scr_out(lf);
|
al@19715
|
43 + scr_out("\n");
|
al@19715
|
44 }
|
al@19715
|
45 if(!no_colors)
|
al@19715
|
46 textcolor(color_table[ccode&H_COLORMASK].color);
|
al@19715
|
47 #else
|
al@19715
|
48 printf(strform, n_text);
|
al@19715
|
49 - printf(lf);
|
al@19715
|
50 + printf("\n");
|
al@19715
|
51 #endif
|
al@19715
|
52 n_text=t_text+1;
|
al@19715
|
53 #if SFX_LEVEL>=ARJ
|
al@19715
|
54 --- a/arj_user.c
|
al@19715
|
55 +++ b/arj_user.c
|
al@19715
|
56 @@ -1059,7 +1059,7 @@ static void finish_processing(int cmd)
|
al@19715
|
57 if(recover_file(tmp_archive_name, nullstr, tmp_tmp_filename, protected, eof_pos))
|
al@19715
|
58 {
|
al@19715
|
59 msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name);
|
al@19715
|
60 - printf(lf);
|
al@19715
|
61 + printf("\n");
|
al@19715
|
62 }
|
al@19715
|
63 else
|
al@19715
|
64 {
|
al@19715
|
65 @@ -1294,7 +1294,7 @@ static void finish_processing(int cmd)
|
al@19715
|
66 if(recover_file(archive_name, nullstr, nullstr, protected, eof_pos))
|
al@19715
|
67 {
|
al@19715
|
68 msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name);
|
al@19715
|
69 - printf(lf);
|
al@19715
|
70 + printf("\n");
|
al@19715
|
71 }
|
al@19715
|
72 else
|
al@19715
|
73 {
|
al@19715
|
74 @@ -1327,7 +1327,7 @@ static void finish_processing(int cmd)
|
al@19715
|
75 msg_cprintf(0, M_CHAPTERS_ON);
|
al@19715
|
76 else if(chapter_mode==CHAP_REMOVE)
|
al@19715
|
77 msg_cprintf(0, M_CHAPTERS_OFF);
|
al@19715
|
78 - msg_cprintf(0, strform, lf);
|
al@19715
|
79 + msg_cprintf(0, strform, "\n");
|
al@19715
|
80 }
|
al@19715
|
81 if(cmd==ARJ_CMD_COPY&&protfile_option&&!arjprot_tail)
|
al@19715
|
82 msg_cprintf(0, M_ARJPROT_DISABLED);
|
al@19715
|
83 @@ -2303,7 +2303,7 @@ void process_archive()
|
al@19715
|
84 timestamp_to_str(timetext, &ftime_stamp);
|
al@19715
|
85 msg_cprintf(H_HL|H_NFMT, M_ARCHIVE_CREATED, timetext);
|
al@19715
|
86 if(show_ansi_comments)
|
al@19715
|
87 - printf(cmt_ptr);
|
al@19715
|
88 + fputs(cmt_ptr, stdout);
|
al@19715
|
89 else
|
al@19715
|
90 display_comment(cmt_ptr);
|
al@19715
|
91 /* The sfx_setup() occurs here */
|
al@19715
|
92 --- a/arj_arcv.c
|
al@19715
|
93 +++ b/arj_arcv.c
|
al@19715
|
94 @@ -913,13 +913,13 @@ int supply_comment(char *cmtname, char *
|
al@19715
|
95 else
|
al@19715
|
96 {
|
al@19715
|
97 strcat(tmp_comment, tmp_cmtline);
|
al@19715
|
98 - strcat(tmp_comment, lf);
|
al@19715
|
99 + strcat(tmp_comment, "\n");
|
al@19715
|
100 }
|
al@19715
|
101 }
|
al@19715
|
102 else
|
al@19715
|
103 {
|
al@19715
|
104 strcat(tmp_comment, tmp_cmtline);
|
al@19715
|
105 - strcat(tmp_comment, lf);
|
al@19715
|
106 + strcat(tmp_comment, "\n");
|
al@19715
|
107 }
|
al@19715
|
108 }
|
al@19715
|
109 }
|
al@19715
|
110 @@ -1846,7 +1846,7 @@ int pack_file(int is_update, int is_repl
|
al@19715
|
111 raw_eh=eh_lookup(eh, UXSPECIAL_ID)->raw;
|
al@19715
|
112 uxspecial_stats(raw_eh, UXSTATS_SHORT);
|
al@19715
|
113 }
|
al@19715
|
114 - msg_cprintf(0, lf);
|
al@19715
|
115 + msg_cprintf(0, "\n");
|
al@19715
|
116 }
|
al@19715
|
117 if(err_id==0&&user_wants_fail)
|
al@19715
|
118 {
|
al@19715
|
119 @@ -2523,9 +2523,9 @@ int unpack_validation()
|
al@19715
|
120 {
|
al@19715
|
121 msg_cprintf(0, (FMSG *)strform, misc_buf);
|
al@19715
|
122 if(search_mode==SEARCH_DEFAULT)
|
al@19715
|
123 - msg_cprintf(0, (FMSG *)lf);
|
al@19715
|
124 + msg_cprintf(0, "\n");
|
al@19715
|
125 if(search_mode==SEARCH_BRIEF)
|
al@19715
|
126 - msg_cprintf(0, (FMSG *)cr);
|
al@19715
|
127 + msg_cprintf(0, "\r");
|
al@19715
|
128 }
|
al@19715
|
129 for(pattern=0; pattern<SEARCH_STR_MAX; search_occurences[pattern++]=0);
|
al@19715
|
130 reserve_size=0;
|
al@19715
|
131 @@ -3652,7 +3652,7 @@ void archive_cleanup()
|
al@19715
|
132 {
|
al@19715
|
133 if(msg_fprintf(idxstream, M_TESTING, archive_name)<0)
|
al@19715
|
134 error(M_DISK_FULL);
|
al@19715
|
135 - if(fprintf(idxstream, lf)<0)
|
al@19715
|
136 + if(fprintf(idxstream, "\n")<0)
|
al@19715
|
137 error(M_DISK_FULL);
|
al@19715
|
138 }
|
al@19715
|
139 cmd_verb=ARJ_CMD_TEST;
|
al@19715
|
140 --- a/arjsfx.c
|
al@19715
|
141 +++ b/arjsfx.c
|
al@19715
|
142 @@ -214,7 +214,7 @@ static void final_cleanup(void)
|
al@19715
|
143 freopen(dev_con, m_w, stdout);
|
al@19715
|
144 #if SFX_LEVEL>=ARJSFXV
|
al@19715
|
145 if(ferror(stdout))
|
al@19715
|
146 - msg_fprintf(stderr, M_DISK_FULL);
|
al@19715
|
147 + msg_fprintf(stderr, "Can't write file. Disk full?");
|
al@19715
|
148 if(debug_enabled&&strchr(debug_opt, 't')!=NULL)
|
al@19715
|
149 {
|
al@19715
|
150 ticks=get_ticks()-ticks;
|
al@19715
|
151 --- a/rearj.c
|
al@19715
|
152 +++ b/rearj.c
|
al@19715
|
153 @@ -935,7 +935,7 @@ static int convert_archive(char *name)
|
al@19715
|
154 msg_cprintf(H_HL|H_NFMT, M_OLD_SIZE, old_fsize);
|
al@19715
|
155 msg_cprintf(H_HL|H_NFMT, M_NEW_SIZE, new_fsize);
|
al@19715
|
156 msg_cprintf(H_HL|H_NFMT, M_SAVINGS_SIZE, gain);
|
al@19715
|
157 - printf(lf);
|
al@19715
|
158 + printf("\n");
|
al@19715
|
159 total_old_fsize+=old_fsize;
|
al@19715
|
160 total_new_fsize+=new_fsize;
|
al@19715
|
161 total_files++;
|
al@19715
|
162 --- a/register.c
|
al@19715
|
163 +++ b/register.c
|
al@19715
|
164 @@ -205,7 +205,7 @@ int main(int argc, char **argv)
|
al@19715
|
165 char reg_source[200];
|
al@19715
|
166 int i;
|
al@19715
|
167
|
al@19715
|
168 - printf(M_REGISTER_BANNER);
|
al@19715
|
169 + fputs(M_REGISTER_BANNER, stdout);
|
al@19715
|
170 integrity_pattern[0]--;
|
al@19715
|
171 build_crc32_table();
|
al@19715
|
172 if(argc!=2)
|
al@19715
|
173 --- a/arjdisp.c
|
al@19715
|
174 +++ b/arjdisp.c
|
al@19715
|
175 @@ -20,8 +20,6 @@ static long bytes;
|
al@19715
|
176 static long compsize;
|
al@19715
|
177 static char cmd_verb;
|
al@19715
|
178 static char msg_lf[]="\n";
|
al@19715
|
179 -char strform[]="%s"; /* Export it for scrnio.c, too
|
al@19715
|
180 - (a byte saved is a byte gained) */
|
al@19715
|
181
|
al@19715
|
182 /* Pseudographical controls */
|
al@19715
|
183
|
al@19715
|
184 @@ -54,19 +52,19 @@ static void show_init_scrn()
|
al@19715
|
185 textcolor(7);
|
al@19715
|
186 clrscr();
|
al@19715
|
187 gotoxy(2, 2);
|
al@19715
|
188 - scrprintf(win_top);
|
al@19715
|
189 + fputs(win_top, stdout);
|
al@19715
|
190 for(i=3; i<24; i++)
|
al@19715
|
191 {
|
al@19715
|
192 - gotoxy(2, i); scrprintf(win_border);
|
al@19715
|
193 - gotoxy(79, i); scrprintf(win_border);
|
al@19715
|
194 + gotoxy(2, i); fputs(win_border, stdout);
|
al@19715
|
195 + gotoxy(79, i); fputs(win_border, stdout);
|
al@19715
|
196 }
|
al@19715
|
197 - gotoxy(2, 24); scrprintf(win_bottom);
|
al@19715
|
198 + gotoxy(2, 24); fputs(win_bottom, stdout);
|
al@19715
|
199 gotoxy(10, 5);
|
al@19715
|
200 - scrprintf(M_ARJDISP_COPYRIGHT);
|
al@19715
|
201 + fputs(M_ARJDISP_COPYRIGHT, stdout);
|
al@19715
|
202 gotoxy(10, 6);
|
al@19715
|
203 - scrprintf(M_ARJDISP_DISTRIBUTION);
|
al@19715
|
204 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
|
al@19715
|
205 gotoxy(10, 7);
|
al@19715
|
206 - scrprintf(M_ARJDISP_LICENSE);
|
al@19715
|
207 + fputs(M_ARJDISP_LICENSE, stdout);
|
al@19715
|
208 gotoxy(16, 10);
|
al@19715
|
209 scrprintf(M_PROCESSING_ARCHIVE, archive_name);
|
al@19715
|
210 t=strtok(M_ARJDISP_INFO, msg_lf);
|
al@19715
|
211 @@ -74,11 +72,11 @@ static void show_init_scrn()
|
al@19715
|
212 while(t!=NULL&&i<=23)
|
al@19715
|
213 {
|
al@19715
|
214 gotoxy(10, i++);
|
al@19715
|
215 - scrprintf(strform, t);
|
al@19715
|
216 + scrprintf("%s", t);
|
al@19715
|
217 t=strtok(NULL, msg_lf);
|
al@19715
|
218 }
|
al@19715
|
219 gotoxy(16, 20);
|
al@19715
|
220 - scrprintf(M_PRESS_ANY_KEY);
|
al@19715
|
221 + fputs(M_PRESS_ANY_KEY, stdout);
|
al@19715
|
222 uni_getch();
|
al@19715
|
223 gotoxy(1, 24);
|
al@19715
|
224 }
|
al@19715
|
225 @@ -96,19 +94,19 @@ static void show_proc_scrn()
|
al@19715
|
226 {
|
al@19715
|
227 clrscr();
|
al@19715
|
228 gotoxy(2, 2);
|
al@19715
|
229 - scrprintf(win_top);
|
al@19715
|
230 + fputs(win_top, stdout);
|
al@19715
|
231 for(i=3; i<24; i++)
|
al@19715
|
232 {
|
al@19715
|
233 - gotoxy(2, i); scrprintf(win_border);
|
al@19715
|
234 - gotoxy(79, i); scrprintf(win_border);
|
al@19715
|
235 + gotoxy(2, i); fputs(win_border, stdout);
|
al@19715
|
236 + gotoxy(79, i); fputs(win_border, stdout);
|
al@19715
|
237 }
|
al@19715
|
238 - gotoxy(2, 24); scrprintf(win_bottom);
|
al@19715
|
239 + gotoxy(2, 24); fputs(win_bottom, stdout);
|
al@19715
|
240 gotoxy(10, 5);
|
al@19715
|
241 - scrprintf(M_ARJDISP_COPYRIGHT);
|
al@19715
|
242 + fputs(M_ARJDISP_COPYRIGHT, stdout);
|
al@19715
|
243 gotoxy(10, 6);
|
al@19715
|
244 - scrprintf(M_ARJDISP_DISTRIBUTION);
|
al@19715
|
245 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
|
al@19715
|
246 gotoxy(10, 7);
|
al@19715
|
247 - scrprintf(M_ARJDISP_LICENSE);
|
al@19715
|
248 + fputs(M_ARJDISP_LICENSE, stdout);
|
al@19715
|
249 gotoxy(16, 10);
|
al@19715
|
250 scrprintf(M_PROCESSING_ARCHIVE, archive_name);
|
al@19715
|
251 gotoxy(16, 12);
|
al@19715
|
252 @@ -132,13 +130,13 @@ static void show_proc_scrn()
|
al@19715
|
253 break;
|
al@19715
|
254 }
|
al@19715
|
255 gotoxy(15, 14);
|
al@19715
|
256 - scrprintf(ind_top);
|
al@19715
|
257 + fputs(ind_top, stdout);
|
al@19715
|
258 gotoxy(15, 15);
|
al@19715
|
259 - scrprintf(ind_middle);
|
al@19715
|
260 + fputs(ind_middle, stdout);
|
al@19715
|
261 gotoxy(15, 16);
|
al@19715
|
262 - scrprintf(ind_bottom);
|
al@19715
|
263 + fputs(ind_bottom, stdout);
|
al@19715
|
264 gotoxy(16, 18);
|
al@19715
|
265 - scrprintf(M_ARJDISP_CTR_START);
|
al@19715
|
266 + fputs(M_ARJDISP_CTR_START, stdout);
|
al@19715
|
267 }
|
al@19715
|
268 else
|
al@19715
|
269 {
|
al@19715
|
270 @@ -146,7 +144,7 @@ static void show_proc_scrn()
|
al@19715
|
271 gotoxy(16, 15);
|
al@19715
|
272 memset(progress, indo, i);
|
al@19715
|
273 progress[i]='\0';
|
al@19715
|
274 - scrprintf(progress);
|
al@19715
|
275 + fputs(progress, stdout);
|
al@19715
|
276 gotoxy(16, 18);
|
al@19715
|
277 scrprintf(M_ARJDISP_CTR, calc_percentage(bytes, uncompsize)/10);
|
al@19715
|
278 }
|
al@19715
|
279 @@ -165,19 +163,19 @@ static void show_ending_scrn()
|
al@19715
|
280 textcolor(7);
|
al@19715
|
281 clrscr();
|
al@19715
|
282 gotoxy(2, 2);
|
al@19715
|
283 - scrprintf(win_top);
|
al@19715
|
284 + fputs(win_top, stdout);
|
al@19715
|
285 for(i=3; i<24; i++)
|
al@19715
|
286 {
|
al@19715
|
287 - gotoxy(2, i); scrprintf(win_border);
|
al@19715
|
288 - gotoxy(79, i); scrprintf(win_border);
|
al@19715
|
289 + gotoxy(2, i); fputs(win_border, stdout);
|
al@19715
|
290 + gotoxy(79, i); fputs(win_border, stdout);
|
al@19715
|
291 }
|
al@19715
|
292 - gotoxy(2, 24); scrprintf(win_bottom);
|
al@19715
|
293 + gotoxy(2, 24); fputs(win_bottom, stdout);
|
al@19715
|
294 gotoxy(10, 5);
|
al@19715
|
295 - scrprintf(M_ARJDISP_COPYRIGHT);
|
al@19715
|
296 + fputs(M_ARJDISP_COPYRIGHT, stdout);
|
al@19715
|
297 gotoxy(10, 6);
|
al@19715
|
298 - scrprintf(M_ARJDISP_DISTRIBUTION);
|
al@19715
|
299 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
|
al@19715
|
300 gotoxy(10, 7);
|
al@19715
|
301 - scrprintf(M_ARJDISP_LICENSE);
|
al@19715
|
302 + fputs(M_ARJDISP_LICENSE, stdout);
|
al@19715
|
303 gotoxy(16, 10);
|
al@19715
|
304 scrprintf(M_FINISHED_PROCESSING, archive_name);
|
al@19715
|
305 gotoxy(1, 24);
|