diff -urN libmp3splt-0.9.0.orig/src/oformat_parser.c libmp3splt-0.9.0/src/oformat_parser.c --- libmp3splt-0.9.0.orig/src/oformat_parser.c 2014-03-22 23:25:22.076480090 +0100 +++ libmp3splt-0.9.0/src/oformat_parser.c 2014-03-22 23:30:02.099814984 +0100 @@ -533,7 +533,7 @@ int max_number_of_digits = splt_u_get_requested_num_of_digits(state, state->oformat.format[i], &requested_num_of_digits, SPLT_FALSE); - snprintf(temp + offset, temp_len, format); + snprintf(temp + offset, temp_len, "%s", format); fm_length = strlen(temp) + 1 + max_number_of_digits; if ((fm = malloc(fm_length * sizeof(char))) == NULL) @@ -563,7 +563,7 @@ // if (artist_or_performer != NULL) { - snprintf(temp+2,temp_len, state->oformat.format[i]+2); + snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); int artist_length = 0; artist_length = strlen(artist_or_performer); @@ -571,7 +571,7 @@ } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -591,7 +591,7 @@ } else { - snprintf(fm, fm_length, temp); + snprintf(fm, fm_length, "%s", temp); } break; @@ -608,7 +608,7 @@ // if (artist != NULL) { - snprintf(temp+2,temp_len, state->oformat.format[i]+2); + snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); int artist_length = 0; artist_length = strlen(artist); @@ -616,7 +616,7 @@ } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -636,7 +636,7 @@ } else { - snprintf(fm, fm_length, temp); + snprintf(fm, fm_length, "%s", temp); } break; case 'b': @@ -654,13 +654,13 @@ { int album_length = 0; album_length = strlen(album); - snprintf(temp+2, temp_len, state->oformat.format[i]+2); + snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + album_length + 1; } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -698,13 +698,13 @@ { int genre_length = 0; genre_length = strlen(genre); - snprintf(temp+2, temp_len, state->oformat.format[i]+2); + snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + genre_length + 1; } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -742,13 +742,13 @@ { int title_length = 0; title_length = strlen(title); - snprintf(temp+2, temp_len, state->oformat.format[i]+2); + snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + title_length + 1; } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -768,7 +768,7 @@ } else { - snprintf(fm, fm_length, temp); + snprintf(fm, fm_length, "%s", temp); } break; case 'p': @@ -786,13 +786,13 @@ { int performer_length = 0; performer_length = strlen(performer); - snprintf(temp+2, temp_len, state->oformat.format[i]+2); + snprintf(temp+2, temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + performer_length + 1; } else { - snprintf(temp,temp_len, state->oformat.format[i]+2); + snprintf(temp,temp_len, "%s", state->oformat.format[i]+2); fm_length = strlen(temp) + 1; } @@ -811,7 +811,7 @@ } else { - snprintf(fm, fm_length, temp); + snprintf(fm, fm_length, "%s", temp); } break; case 'l': @@ -861,7 +861,7 @@ const char *format = splt_u_get_format_ptr(state->oformat.format[i], temp, NULL); - snprintf(temp + 4, temp_len, format + 2); + snprintf(temp + 4, temp_len, "%s", format + 2); fm_length = strlen(temp) + 1 + max_num_of_digits; } else @@ -902,7 +902,7 @@ original_filename = strdup(splt_su_get_fname_without_path(splt_t_get_filename_to_split(state))); if (original_filename) { - snprintf(temp+2,temp_len, state->oformat.format[i]+2); + snprintf(temp+2,temp_len, "%s", state->oformat.format[i]+2); splt_su_cut_extension(original_filename);