wok-next annotate arj/stuff/patches/security_format.patch @ rev 19715

Fix building: pciutils, pcmanfm-legacy, arj
author Aleksej Bobylev <al.bobylev@gmail.com>
date Sat May 13 17:25:31 2017 +0300 (2017-05-13)
parents
children
rev   line source
al@19715 1 Patch by Guillem Jover <guillem@debian.org> for arj <= 3.10.22, which
al@19715 2 fixes format security errors.
al@19715 3
al@19715 4 ---
al@19715 5 arj_arcv.c | 12 ++++++------
al@19715 6 arj_user.c | 8 ++++----
al@19715 7 arjdisp.c | 58 ++++++++++++++++++++++++++++------------------------------
al@19715 8 arjsfx.c | 2 +-
al@19715 9 fardata.c | 10 +++++-----
al@19715 10 rearj.c | 2 +-
al@19715 11 register.c | 2 +-
al@19715 12 7 files changed, 46 insertions(+), 48 deletions(-)
al@19715 13
al@19715 14 --- a/fardata.c
al@19715 15 +++ b/fardata.c
al@19715 16 @@ -52,7 +52,7 @@ int error_proc(FMSG *errmsg, ...)
al@19715 17 /* Check if the message could have a standard error code */
al@19715 18 if(errno!=0&&is_std_error(errmsg))
al@19715 19 {
al@19715 20 - msg_cprintf(0, lf);
al@19715 21 + msg_cprintf(0, "\n");
al@19715 22 error_report();
al@19715 23 }
al@19715 24 #endif
al@19715 25 @@ -379,10 +379,10 @@ static void flush_cbuf(int ccode, char *
al@19715 26 {
al@19715 27 #if SFX_LEVEL>=ARJSFXV
al@19715 28 fprintf(new_stdout, strform, n_text);
al@19715 29 - fprintf(new_stdout, lf);
al@19715 30 + fprintf(new_stdout, "\n");
al@19715 31 #else
al@19715 32 printf(strform, n_text);
al@19715 33 - printf(lf);
al@19715 34 + printf("\n");
al@19715 35 #endif
al@19715 36 }
al@19715 37 else
al@19715 38 @@ -393,13 +393,13 @@ static void flush_cbuf(int ccode, char *
al@19715 39 #ifdef NEED_CRLF
al@19715 40 scr_out("\r");
al@19715 41 #endif
al@19715 42 - scr_out(lf);
al@19715 43 + scr_out("\n");
al@19715 44 }
al@19715 45 if(!no_colors)
al@19715 46 textcolor(color_table[ccode&H_COLORMASK].color);
al@19715 47 #else
al@19715 48 printf(strform, n_text);
al@19715 49 - printf(lf);
al@19715 50 + printf("\n");
al@19715 51 #endif
al@19715 52 n_text=t_text+1;
al@19715 53 #if SFX_LEVEL>=ARJ
al@19715 54 --- a/arj_user.c
al@19715 55 +++ b/arj_user.c
al@19715 56 @@ -1059,7 +1059,7 @@ static void finish_processing(int cmd)
al@19715 57 if(recover_file(tmp_archive_name, nullstr, tmp_tmp_filename, protected, eof_pos))
al@19715 58 {
al@19715 59 msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name);
al@19715 60 - printf(lf);
al@19715 61 + printf("\n");
al@19715 62 }
al@19715 63 else
al@19715 64 {
al@19715 65 @@ -1294,7 +1294,7 @@ static void finish_processing(int cmd)
al@19715 66 if(recover_file(archive_name, nullstr, nullstr, protected, eof_pos))
al@19715 67 {
al@19715 68 msg_cprintf(H_HL, M_CANT_FIND_DAMAGE, archive_name);
al@19715 69 - printf(lf);
al@19715 70 + printf("\n");
al@19715 71 }
al@19715 72 else
al@19715 73 {
al@19715 74 @@ -1327,7 +1327,7 @@ static void finish_processing(int cmd)
al@19715 75 msg_cprintf(0, M_CHAPTERS_ON);
al@19715 76 else if(chapter_mode==CHAP_REMOVE)
al@19715 77 msg_cprintf(0, M_CHAPTERS_OFF);
al@19715 78 - msg_cprintf(0, strform, lf);
al@19715 79 + msg_cprintf(0, strform, "\n");
al@19715 80 }
al@19715 81 if(cmd==ARJ_CMD_COPY&&protfile_option&&!arjprot_tail)
al@19715 82 msg_cprintf(0, M_ARJPROT_DISABLED);
al@19715 83 @@ -2303,7 +2303,7 @@ void process_archive()
al@19715 84 timestamp_to_str(timetext, &ftime_stamp);
al@19715 85 msg_cprintf(H_HL|H_NFMT, M_ARCHIVE_CREATED, timetext);
al@19715 86 if(show_ansi_comments)
al@19715 87 - printf(cmt_ptr);
al@19715 88 + fputs(cmt_ptr, stdout);
al@19715 89 else
al@19715 90 display_comment(cmt_ptr);
al@19715 91 /* The sfx_setup() occurs here */
al@19715 92 --- a/arj_arcv.c
al@19715 93 +++ b/arj_arcv.c
al@19715 94 @@ -913,13 +913,13 @@ int supply_comment(char *cmtname, char *
al@19715 95 else
al@19715 96 {
al@19715 97 strcat(tmp_comment, tmp_cmtline);
al@19715 98 - strcat(tmp_comment, lf);
al@19715 99 + strcat(tmp_comment, "\n");
al@19715 100 }
al@19715 101 }
al@19715 102 else
al@19715 103 {
al@19715 104 strcat(tmp_comment, tmp_cmtline);
al@19715 105 - strcat(tmp_comment, lf);
al@19715 106 + strcat(tmp_comment, "\n");
al@19715 107 }
al@19715 108 }
al@19715 109 }
al@19715 110 @@ -1846,7 +1846,7 @@ int pack_file(int is_update, int is_repl
al@19715 111 raw_eh=eh_lookup(eh, UXSPECIAL_ID)->raw;
al@19715 112 uxspecial_stats(raw_eh, UXSTATS_SHORT);
al@19715 113 }
al@19715 114 - msg_cprintf(0, lf);
al@19715 115 + msg_cprintf(0, "\n");
al@19715 116 }
al@19715 117 if(err_id==0&&user_wants_fail)
al@19715 118 {
al@19715 119 @@ -2523,9 +2523,9 @@ int unpack_validation()
al@19715 120 {
al@19715 121 msg_cprintf(0, (FMSG *)strform, misc_buf);
al@19715 122 if(search_mode==SEARCH_DEFAULT)
al@19715 123 - msg_cprintf(0, (FMSG *)lf);
al@19715 124 + msg_cprintf(0, "\n");
al@19715 125 if(search_mode==SEARCH_BRIEF)
al@19715 126 - msg_cprintf(0, (FMSG *)cr);
al@19715 127 + msg_cprintf(0, "\r");
al@19715 128 }
al@19715 129 for(pattern=0; pattern<SEARCH_STR_MAX; search_occurences[pattern++]=0);
al@19715 130 reserve_size=0;
al@19715 131 @@ -3652,7 +3652,7 @@ void archive_cleanup()
al@19715 132 {
al@19715 133 if(msg_fprintf(idxstream, M_TESTING, archive_name)<0)
al@19715 134 error(M_DISK_FULL);
al@19715 135 - if(fprintf(idxstream, lf)<0)
al@19715 136 + if(fprintf(idxstream, "\n")<0)
al@19715 137 error(M_DISK_FULL);
al@19715 138 }
al@19715 139 cmd_verb=ARJ_CMD_TEST;
al@19715 140 --- a/arjsfx.c
al@19715 141 +++ b/arjsfx.c
al@19715 142 @@ -214,7 +214,7 @@ static void final_cleanup(void)
al@19715 143 freopen(dev_con, m_w, stdout);
al@19715 144 #if SFX_LEVEL>=ARJSFXV
al@19715 145 if(ferror(stdout))
al@19715 146 - msg_fprintf(stderr, M_DISK_FULL);
al@19715 147 + msg_fprintf(stderr, "Can't write file. Disk full?");
al@19715 148 if(debug_enabled&&strchr(debug_opt, 't')!=NULL)
al@19715 149 {
al@19715 150 ticks=get_ticks()-ticks;
al@19715 151 --- a/rearj.c
al@19715 152 +++ b/rearj.c
al@19715 153 @@ -935,7 +935,7 @@ static int convert_archive(char *name)
al@19715 154 msg_cprintf(H_HL|H_NFMT, M_OLD_SIZE, old_fsize);
al@19715 155 msg_cprintf(H_HL|H_NFMT, M_NEW_SIZE, new_fsize);
al@19715 156 msg_cprintf(H_HL|H_NFMT, M_SAVINGS_SIZE, gain);
al@19715 157 - printf(lf);
al@19715 158 + printf("\n");
al@19715 159 total_old_fsize+=old_fsize;
al@19715 160 total_new_fsize+=new_fsize;
al@19715 161 total_files++;
al@19715 162 --- a/register.c
al@19715 163 +++ b/register.c
al@19715 164 @@ -205,7 +205,7 @@ int main(int argc, char **argv)
al@19715 165 char reg_source[200];
al@19715 166 int i;
al@19715 167
al@19715 168 - printf(M_REGISTER_BANNER);
al@19715 169 + fputs(M_REGISTER_BANNER, stdout);
al@19715 170 integrity_pattern[0]--;
al@19715 171 build_crc32_table();
al@19715 172 if(argc!=2)
al@19715 173 --- a/arjdisp.c
al@19715 174 +++ b/arjdisp.c
al@19715 175 @@ -20,8 +20,6 @@ static long bytes;
al@19715 176 static long compsize;
al@19715 177 static char cmd_verb;
al@19715 178 static char msg_lf[]="\n";
al@19715 179 -char strform[]="%s"; /* Export it for scrnio.c, too
al@19715 180 - (a byte saved is a byte gained) */
al@19715 181
al@19715 182 /* Pseudographical controls */
al@19715 183
al@19715 184 @@ -54,19 +52,19 @@ static void show_init_scrn()
al@19715 185 textcolor(7);
al@19715 186 clrscr();
al@19715 187 gotoxy(2, 2);
al@19715 188 - scrprintf(win_top);
al@19715 189 + fputs(win_top, stdout);
al@19715 190 for(i=3; i<24; i++)
al@19715 191 {
al@19715 192 - gotoxy(2, i); scrprintf(win_border);
al@19715 193 - gotoxy(79, i); scrprintf(win_border);
al@19715 194 + gotoxy(2, i); fputs(win_border, stdout);
al@19715 195 + gotoxy(79, i); fputs(win_border, stdout);
al@19715 196 }
al@19715 197 - gotoxy(2, 24); scrprintf(win_bottom);
al@19715 198 + gotoxy(2, 24); fputs(win_bottom, stdout);
al@19715 199 gotoxy(10, 5);
al@19715 200 - scrprintf(M_ARJDISP_COPYRIGHT);
al@19715 201 + fputs(M_ARJDISP_COPYRIGHT, stdout);
al@19715 202 gotoxy(10, 6);
al@19715 203 - scrprintf(M_ARJDISP_DISTRIBUTION);
al@19715 204 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
al@19715 205 gotoxy(10, 7);
al@19715 206 - scrprintf(M_ARJDISP_LICENSE);
al@19715 207 + fputs(M_ARJDISP_LICENSE, stdout);
al@19715 208 gotoxy(16, 10);
al@19715 209 scrprintf(M_PROCESSING_ARCHIVE, archive_name);
al@19715 210 t=strtok(M_ARJDISP_INFO, msg_lf);
al@19715 211 @@ -74,11 +72,11 @@ static void show_init_scrn()
al@19715 212 while(t!=NULL&&i<=23)
al@19715 213 {
al@19715 214 gotoxy(10, i++);
al@19715 215 - scrprintf(strform, t);
al@19715 216 + scrprintf("%s", t);
al@19715 217 t=strtok(NULL, msg_lf);
al@19715 218 }
al@19715 219 gotoxy(16, 20);
al@19715 220 - scrprintf(M_PRESS_ANY_KEY);
al@19715 221 + fputs(M_PRESS_ANY_KEY, stdout);
al@19715 222 uni_getch();
al@19715 223 gotoxy(1, 24);
al@19715 224 }
al@19715 225 @@ -96,19 +94,19 @@ static void show_proc_scrn()
al@19715 226 {
al@19715 227 clrscr();
al@19715 228 gotoxy(2, 2);
al@19715 229 - scrprintf(win_top);
al@19715 230 + fputs(win_top, stdout);
al@19715 231 for(i=3; i<24; i++)
al@19715 232 {
al@19715 233 - gotoxy(2, i); scrprintf(win_border);
al@19715 234 - gotoxy(79, i); scrprintf(win_border);
al@19715 235 + gotoxy(2, i); fputs(win_border, stdout);
al@19715 236 + gotoxy(79, i); fputs(win_border, stdout);
al@19715 237 }
al@19715 238 - gotoxy(2, 24); scrprintf(win_bottom);
al@19715 239 + gotoxy(2, 24); fputs(win_bottom, stdout);
al@19715 240 gotoxy(10, 5);
al@19715 241 - scrprintf(M_ARJDISP_COPYRIGHT);
al@19715 242 + fputs(M_ARJDISP_COPYRIGHT, stdout);
al@19715 243 gotoxy(10, 6);
al@19715 244 - scrprintf(M_ARJDISP_DISTRIBUTION);
al@19715 245 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
al@19715 246 gotoxy(10, 7);
al@19715 247 - scrprintf(M_ARJDISP_LICENSE);
al@19715 248 + fputs(M_ARJDISP_LICENSE, stdout);
al@19715 249 gotoxy(16, 10);
al@19715 250 scrprintf(M_PROCESSING_ARCHIVE, archive_name);
al@19715 251 gotoxy(16, 12);
al@19715 252 @@ -132,13 +130,13 @@ static void show_proc_scrn()
al@19715 253 break;
al@19715 254 }
al@19715 255 gotoxy(15, 14);
al@19715 256 - scrprintf(ind_top);
al@19715 257 + fputs(ind_top, stdout);
al@19715 258 gotoxy(15, 15);
al@19715 259 - scrprintf(ind_middle);
al@19715 260 + fputs(ind_middle, stdout);
al@19715 261 gotoxy(15, 16);
al@19715 262 - scrprintf(ind_bottom);
al@19715 263 + fputs(ind_bottom, stdout);
al@19715 264 gotoxy(16, 18);
al@19715 265 - scrprintf(M_ARJDISP_CTR_START);
al@19715 266 + fputs(M_ARJDISP_CTR_START, stdout);
al@19715 267 }
al@19715 268 else
al@19715 269 {
al@19715 270 @@ -146,7 +144,7 @@ static void show_proc_scrn()
al@19715 271 gotoxy(16, 15);
al@19715 272 memset(progress, indo, i);
al@19715 273 progress[i]='\0';
al@19715 274 - scrprintf(progress);
al@19715 275 + fputs(progress, stdout);
al@19715 276 gotoxy(16, 18);
al@19715 277 scrprintf(M_ARJDISP_CTR, calc_percentage(bytes, uncompsize)/10);
al@19715 278 }
al@19715 279 @@ -165,19 +163,19 @@ static void show_ending_scrn()
al@19715 280 textcolor(7);
al@19715 281 clrscr();
al@19715 282 gotoxy(2, 2);
al@19715 283 - scrprintf(win_top);
al@19715 284 + fputs(win_top, stdout);
al@19715 285 for(i=3; i<24; i++)
al@19715 286 {
al@19715 287 - gotoxy(2, i); scrprintf(win_border);
al@19715 288 - gotoxy(79, i); scrprintf(win_border);
al@19715 289 + gotoxy(2, i); fputs(win_border, stdout);
al@19715 290 + gotoxy(79, i); fputs(win_border, stdout);
al@19715 291 }
al@19715 292 - gotoxy(2, 24); scrprintf(win_bottom);
al@19715 293 + gotoxy(2, 24); fputs(win_bottom, stdout);
al@19715 294 gotoxy(10, 5);
al@19715 295 - scrprintf(M_ARJDISP_COPYRIGHT);
al@19715 296 + fputs(M_ARJDISP_COPYRIGHT, stdout);
al@19715 297 gotoxy(10, 6);
al@19715 298 - scrprintf(M_ARJDISP_DISTRIBUTION);
al@19715 299 + fputs(M_ARJDISP_DISTRIBUTION, stdout);
al@19715 300 gotoxy(10, 7);
al@19715 301 - scrprintf(M_ARJDISP_LICENSE);
al@19715 302 + fputs(M_ARJDISP_LICENSE, stdout);
al@19715 303 gotoxy(16, 10);
al@19715 304 scrprintf(M_FINISHED_PROCESSING, archive_name);
al@19715 305 gotoxy(1, 24);