+++ /dev/null
-diff -burN proftpd-1.2.10.orig/contrib/mod_sql.c proftpd-1.2.10/contrib/mod_sql.c
---- proftpd-1.2.10.orig/contrib/mod_sql.c 2005-08-04 15:57:39.050981712 +0200
-+++ proftpd-1.2.10/contrib/mod_sql.c 2005-08-04 15:57:49.922329016 +0200
-@@ -2036,7 +2036,7 @@
- *outsp++ = 0;
-
- /* add the response */
-- pr_response_add( c->argv[0], outs);
-+ pr_response_add(c->argv[0], "%s", outs);
-
- } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
-
-@@ -2110,7 +2110,7 @@
- *outsp++ = 0;
-
- /* add the response */
-- pr_response_add( c->argv[0], outs);
-+ pr_response_add(c->argv[0], "%s", outs);
-
- } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
-
-@@ -2201,7 +2201,7 @@
- *outsp++ = 0;
-
- /* add the response */
-- pr_response_add_err( c->argv[0], outs);
-+ pr_response_add_err(c->argv[0], "%s", outs);
-
- } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
-
-@@ -2275,7 +2275,7 @@
- *outsp++ = 0;
-
- /* add the response */
-- pr_response_add( c->argv[0], outs);
-+ pr_response_add(c->argv[0], "%s", outs);
-
- } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
-
-diff -burN proftpd-1.2.10.orig/src/response.c proftpd-1.2.10/src/response.c
---- proftpd-1.2.10.orig/src/response.c 2005-08-04 15:57:39.125970312 +0200
-+++ proftpd-1.2.10/src/response.c 2005-08-04 15:57:46.478852504 +0200
-@@ -1,6 +1,6 @@
- /*
- * ProFTPD - FTP server daemon
-- * Copyright (c) 2001, 2002, 2003 The ProFTPD Project team
-+ * Copyright (c) 2001-2005 The ProFTPD Project team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
-@@ -169,7 +169,7 @@
- buf[sizeof(buf) - 1] = '\0';
- sstrcat(buf, "\r\n", sizeof(buf));
-
-- RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, buf, strlen(buf))
-+ RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, "%s", buf)
- }
-
- void pr_response_send(const char *resp_numeric, const char *fmt, ...) {