Fix a format string vulnerability if MALLOC_LOG is set.

author Tim Kosse <tim.kosse@filezilla-project.org>

Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)

committer Simon Tatham <anakin@pobox.com>

Mon, 10 Aug 2015 19:04:09 +0000 (20:04 +0100)
author Tim Kosse <tim.kosse@filezilla-project.org>
Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)
committer Simon Tatham <anakin@pobox.com>
Mon, 10 Aug 2015 19:04:09 +0000 (20:04 +0100)
diff --git a/misc.c b/misc.c

index 37c0207ef79251a98f90a4e398a92d9460039716..0e1d622d380228ad13b11181abc5d20dc309170e 100644 (file)
--- a/misc.c
+++ b/misc.c
@@ -755,7 +755,7 @@ void *safemalloc(size_t n, size_t size)
  #else
         strcpy(str, "Out of memory!");
  #endif
-       modalfatalbox(str);
+       modalfatalbox("%s", str);
      }
  #ifdef MALLOC_LOG
      if (fp)
@@ -797,7 +797,7 @@ void *saferealloc(void *ptr, size_t n, size_t size)
  #else
         strcpy(str, "Out of memory!");
  #endif
-       modalfatalbox(str);
+       modalfatalbox("%s", str);
      }
  #ifdef MALLOC_LOG
      if (fp)
author	Tim Kosse <tim.kosse@filezilla-project.org>
	Fri, 1 May 2015 13:55:37 +0000 (15:55 +0200)
committer	Simon Tatham <anakin@pobox.com>
	Mon, 10 Aug 2015 19:04:09 +0000 (20:04 +0100)