]> git.pld-linux.org Git - packages/ggz-server.git/blob - ggz-server-format-security.patch
projects / packages / ggz-server.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- rel 6
[packages/ggz-server.git] / ggz-server-format-security.patch
1 --- ggz-server-0.0.14.1/ggzd/players.c.orig     2012-11-18 21:05:32.065729146 +0100
2 +++ ggz-server-0.0.14.1/ggzd/players.c  2012-11-18 21:06:03.019061387 +0100
3 @@ -971,7 +971,7 @@
4  
5         for (i = first; i < last; i++) {
6                 if (table->seat_types[i] == GGZ_SEAT_PLAYER) {
7 -                       snprintf(entry.handle, sizeof(entry.handle), player->name);
8 +                       snprintf(entry.handle, sizeof(entry.handle), "%s", player->name);
9                         status = ggzdb_player_get(&entry);
10  
11                         do_send = 1;
12 @@ -982,7 +982,7 @@
13                         if (status == GGZDB_NO_ERROR) {
14                                 realname = ggz_strdup(entry.name);
15  
16 -                               snprintf(extentry.handle, sizeof(extentry.handle), player->name);
17 +                               snprintf(extentry.handle, sizeof(extentry.handle), "%s", player->name);
18                                 status = ggzdb_player_get_extended(&extentry);
19                                 if (status == GGZDB_NO_ERROR) {
20                                         photo = ggz_strdup(extentry.photo);
21 @@ -1552,7 +1552,7 @@
22         if (ggz_perms_is_set(rcvr->perms, perm) != set) {
23                 ggzdbPlayerEntry entry;
24  
25 -               snprintf(entry.handle, sizeof(entry.handle), rcvr->name);
26 +               snprintf(entry.handle, sizeof(entry.handle), "%s", rcvr->name);
27                 if (ggzdb_player_get(&entry) != GGZDB_NO_ERROR) {
28                         pthread_rwlock_unlock(&rcvr->lock);
29                         if (net_send_admin_result(player->client->net,
30 --- ggz-server-0.0.14.1/ggzd/net.c.orig 2012-11-18 21:06:29.149060466 +0100
31 +++ ggz-server-0.0.14.1/ggzd/net.c      2012-11-18 21:06:47.019059835 +0100
32 @@ -370,7 +370,7 @@
33                 
34         for (i = 0; i < num; i++) {
35                 line = motd_get_line(i);
36 -               _net_send_line(net, line);
37 +               _net_send_line(net, "%s", line);
38                 ggz_free(line);
39         }
40  
41 --- ggz-server-0.0.14.1/ggzd/stats.c.orig       2012-11-18 21:07:04.102392566 +0100
42 +++ ggz-server-0.0.14.1/ggzd/stats.c    2012-11-18 21:07:32.142391577 +0100
43 @@ -265,7 +265,7 @@
44                 }
45  
46                 snprintf(player.handle, sizeof(player.handle),
47 -                        report->names[i]);
48 +                        "%s", report->names[i]);
49  
50                 /* Find out player type */
51                 if (report->types[i] == GGZ_SEAT_BOT) {
52 @@ -307,7 +307,7 @@
53  
54                 if (report->types[i] == GGZ_SEAT_PLAYER) {
55                         snprintf(stats[i].player, sizeof(stats[i].player),
56 -                                report->names[i]);
57 +                                "%s", report->names[i]);
58                 } else if (report->types[i] == GGZ_SEAT_BOT) {
59                         if(!ggz_strcmp(report->names[i], "AI")) {
60                                 snprintf(stats[i].player, sizeof(stats[i].player),
61 --- ggz-server-0.0.14.1/ggzd/login.c~   2008-01-05 20:03:09.000000000 +0100
62 +++ ggz-server-0.0.14.1/ggzd/login.c    2012-11-18 21:07:53.722390816 +0100
63 @@ -74,7 +74,7 @@
64  
65         new_pw[0] = '\0';
66         if(password)
67 -               snprintf(new_pw, sizeof(new_pw), password);
68 +               snprintf(new_pw, sizeof(new_pw), "%s", password);
69  
70         dbg_msg(GGZ_DBG_CONNECTION, "Player %p attempting login as %d",
71                 player, type);
72 --- ggz-server-0.0.14.1/game_servers/ggzcards/games/bridge.c~   2008-01-05 20:02:58.000000000 +0100
73 +++ ggz-server-0.0.14.1/game_servers/ggzcards/games/bridge.c    2012-11-18 21:28:51.902346432 +0100
74 @@ -585,7 +585,7 @@
75         /* TODO: vulnerable, etc. */
76  
77         set_global_message("", "%s", buf);
78 -       set_global_message("Hand Score", buf2);
79 +       set_global_message("Hand Score", "%s", buf2);
80         bridge_set_score_message();
81  
82         BRIDGE.declarer = BRIDGE.dummy = -1;
83 --- ggz-server-0.0.14.1/game_servers/ggzcards/games/euchre.c~   2008-01-05 20:02:58.000000000 +0100
84 +++ ggz-server-0.0.14.1/game_servers/ggzcards/games/euchre.c    2012-11-18 21:29:14.285678973 +0100
85 @@ -443,8 +443,8 @@
86  
87         snprintf(buf, sizeof(buf), msg, tricks, value);
88         /* This message is quickly overwritten by the up-card message.  Ugh. */
89 -       set_global_message("", buf);
90 -       set_global_message("Scoring History", buf);     /* FIXME: this should 
91 +       set_global_message("", "%s", buf);
92 +       set_global_message("Scoring History", "%s", buf);       /* FIXME: this should 
93                                                            be added to the
94                                                            history, not
95                                                            overwrite it. */
Main GGZ server
This page took 0.078063 seconds and 3 git commands to generate.