From 2e2e74a836f7572eb4cb8fde42bc7b7715dd3b91 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Jan=20R=C4=99korajski?= <baggins@pld-linux.org>
Date: Mon, 3 Sep 2018 10:40:13 +0200
Subject: [PATCH] - fix format string errors - rel 6

---
 cpqarrayd.spec        |  4 ++-
 format-security.patch | 64 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 1 deletion(-)
 create mode 100644 format-security.patch

diff --git a/cpqarrayd.spec b/cpqarrayd.spec
index cdcb508..5eaa294 100644
--- a/cpqarrayd.spec
+++ b/cpqarrayd.spec
@@ -2,7 +2,7 @@ Summary:	Cpqarrayd - SmartArray controllers monitoring
 Summary(pl.UTF-8):	Cpqarrayd - monitorowanie kontrolerÃ³w SmartArray
 Name:		cpqarrayd
 Version:	2.3
-Release:	5
+Release:	6
 License:	GPL v2+
 Group:		Applications/System
 Source0:	http://www.strocamp.net/opensource/compaq/downloads/%{name}-%{version}.tar.gz
@@ -10,6 +10,7 @@ Source0:	http://www.strocamp.net/opensource/compaq/downloads/%{name}-%{version}.
 Source1:	%{name}.init
 Source2:	%{name}.sysconfig
 Patch0:		%{name}-headers.patch
+Patch1:		format-security.patch
 URL:		http://www.strocamp.net/opensource/cpqarrayd.php
 BuildRequires:	autoconf >= 2.50
 BuildRequires:	automake
@@ -29,6 +30,7 @@ wysyÅanie puÅapek SNMP oraz sysloga.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 %build
 %{__aclocal}
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..eb84681
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,64 @@
+--- cpqarrayd-2.3/status.c.orig	2007-12-03 18:06:22.000000000 +0100
++++ cpqarrayd-2.3/status.c	2018-09-03 10:37:05.375891671 +0200
+@@ -140,8 +140,7 @@
+ 		   "problem sending snmp trap (sendtrap() returned %d)\n",
+ 		   trap_stat);
+ 	    if (opts.debug) {
+-	      printf("DEBUG: Problem sending snmp trap",
+-		     "(sendtrap() returned %d)\n", 
++	      printf("DEBUG: Problem sending snmp trap (sendtrap() returned %d)\n", 
+ 		     trap_stat);
+ 	    }
+ 	  }
+@@ -167,8 +168,7 @@
+ 		   "problem sending snmp trap (sendtrap() returned %d)\n",
+ 		   trap_stat);
+ 	    if (opts.debug) {
+-	      printf("DEBUG: Problem sending snmp trap ",
+-		     "(sendtrap() returned %d)\n",
++	      printf("DEBUG: Problem sending snmp trap (sendtrap() returned %d)\n",
+ 		     trap_stat);
+ 	    }
+ 	  }
+@@ -215,17 +217,16 @@
+ 		 event.detail.logstatchange.logicaldrivenumber,
+ 		 logicaldrivestatusstr[event.detail.logstatchange.newlogicaldrivestate]);
+ 	status = event.detail.logstatchange.newlogicaldrivestate;
+-	syslog(LOG_WARNING, statusmsg);
++	syslog(LOG_WARNING, "%s", statusmsg);
+ 	if (opts.debug) {
+-	  printf (statusmsg);
++	  puts (statusmsg);
+ 	}
+ 	if (trap_stat = sendtrap(opts, "public", status, statusmsg)) {
+ 	  syslog(LOG_WARNING, 
+ 		 "problem sending snmp trap (sendtrap() returned %d)\n",
+ 		 trap_stat);
+ 	  if (opts.debug) {
+-	    printf("DEBUG: Problem sending snmp trap",
+-		   "(sendtrap() returned %d)\n", 
++	    printf("DEBUG: Problem sending snmp trap (sendtrap() returned %d)\n", 
+ 		   trap_stat);
+ 	  }
+ 	}
+@@ -234,17 +237,16 @@
+ 		 ctrls_found[ctrl_cntr].devicefile,
+ 		 event.mesgstring);
+ 	status = 255;
+-	syslog(LOG_WARNING, statusmsg);
++	syslog(LOG_WARNING, "%s", statusmsg);
+ 	if (opts.debug) {
+-	  printf (statusmsg);
++	  puts (statusmsg);
+ 	}
+ 	if (trap_stat = sendtrap(opts, "public", status, statusmsg)) {
+ 	  syslog(LOG_WARNING, 
+ 		 "problem sending snmp trap (sendtrap() returned %d)\n",
+ 		 trap_stat);
+ 	  if (opts.debug) {
+-	    printf("DEBUG: Problem sending snmp trap",
+-		   "(sendtrap() returned %d)\n", 
++	    printf("DEBUG: Problem sending snmp trap (sendtrap() returned %d)\n", 
+ 		   trap_stat);
+ 	  }
+ 	}
-- 
2.44.0