Fix a format string vulnerability if MALLOC_LOG is set.

author Tim Kosse <tim.kosse@filezilla-project.org>

Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)

committer Simon Tatham <anakin@pobox.com>

Sat, 17 Oct 2015 16:35:22 +0000 (17:35 +0100)
author Tim Kosse <tim.kosse@filezilla-project.org>
Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)
committer Simon Tatham <anakin@pobox.com>
Sat, 17 Oct 2015 16:35:22 +0000 (17:35 +0100)
diff --git a/misc.c b/misc.c

index 94b5ac8ab986e240a3a768996399b294dbe7016f..507837f941fd375c40d74fbd2f80132b76965342 100644 (file)
--- a/misc.c
+++ b/misc.c
@@ -736,7 +736,7 @@ void *safemalloc(size_t n, size_t size)
  #else
         strcpy(str, "Out of memory!");
  #endif
-       modalfatalbox(str);
+       modalfatalbox("%s", str);
      }
  #ifdef MALLOC_LOG
      if (fp)
@@ -778,7 +778,7 @@ void *saferealloc(void *ptr, size_t n, size_t size)
  #else
         strcpy(str, "Out of memory!");
  #endif
-       modalfatalbox(str);
+       modalfatalbox("%s", str);
      }
  #ifdef MALLOC_LOG
      if (fp)
author	Tim Kosse <tim.kosse@filezilla-project.org>
	Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)
committer	Simon Tatham <anakin@pobox.com>
	Sat, 17 Oct 2015 16:35:22 +0000 (17:35 +0100)