From: Ole Streicher Date: Fri, 21 Mar 2014 10:37:47 +0100 Subject: Fix format security errors --- src/catout.c | 2 +- src/xml.c | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/catout.c b/src/catout.c index bd8569f..6c575dc 100644 --- a/src/catout.c +++ b/src/catout.c @@ -1006,7 +1006,7 @@ void endcat(char *error) break; case ASCII_SKYCAT: - fprintf(ascfile, skycattail); + fprintf(ascfile, "%s", skycattail); if (!prefs.pipe_flag) fclose(ascfile); break; diff --git a/src/xml.c b/src/xml.c index 087f128..0cf6ee3 100644 --- a/src/xml.c +++ b/src/xml.c @@ -697,7 +697,7 @@ int write_xmlconfigparam(FILE *file, char *name, char *unit, name, ucd); break; case P_STRING: - sprintf(value, (char *)key[i].ptr); + sprintf(value, "%s", (char *)key[i].ptr); fprintf(file, " \n", name, ucd, *value? value: " "); @@ -706,13 +706,13 @@ int write_xmlconfigparam(FILE *file, char *name, char *unit, n = *(key[i].nlistptr); if (n) { - sprintf(value, ((char **)key[i].ptr)[0]); + sprintf(value, "%s", ((char **)key[i].ptr)[0]); fprintf(file, " \n"); @@ -723,7 +723,7 @@ int write_xmlconfigparam(FILE *file, char *name, char *unit, name, ucd); break; case P_KEY: - sprintf(value, key[i].keylist[*((int *)key[i].ptr)]); + sprintf(value, "%s", key[i].keylist[*((int *)key[i].ptr)]); fprintf(file, " \n", name, ucd, value); @@ -732,13 +732,13 @@ int write_xmlconfigparam(FILE *file, char *name, char *unit, n = *(key[i].nlistptr); if (n) { - sprintf(value, key[i].keylist[((int *)key[i].ptr)[0]]); + sprintf(value, "%s", key[i].keylist[((int *)key[i].ptr)[0]]); fprintf(file, " \n");