evolution r35143 - trunk/mail

From: tobiasmue svn gnome org
To: svn-commits-list gnome org
Subject: evolution r35143 - trunk/mail
Date: Thu, 6 Mar 2008 22:06:03 +0000 (GMT)
Author: tobiasmue
Date: Thu Mar  6 22:06:02 2008
New Revision: 35143
URL: http://svn.gnome.org/viewvc/evolution?rev=35143&view=rev

Log:
2008-03-06  Tobias Mueller  <muelli auftrags-killer org>

    ** Fix for bug #520745

    * mail/em-format.c: Fix format-string vulnerability
    Patch by Tor Lillqvist <tml iki fi>



Modified:
   trunk/mail/ChangeLog
   trunk/mail/em-format.c

Modified: trunk/mail/em-format.c
==============================================================================
--- trunk/mail/em-format.c	(original)
+++ trunk/mail/em-format.c	Thu Mar  6 22:06:02 2008
@@ -1193,7 +1193,7 @@
 	opart = camel_mime_part_new();
 	valid = camel_cipher_decrypt(context, part, opart, ex);
 	if (valid == NULL) {
-		em_format_format_error(emf, stream, ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
+		em_format_format_error(emf, stream, "%s", ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
 		em_format_part_as(emf, stream, part, NULL);
 	} else {
 		if (emfc == NULL)
@@ -1350,7 +1350,7 @@
 	if (valid == NULL) {
 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP/MIME message"):_("Could not parse PGP/MIME message: Unknown error"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_part_as(emf, stream, part, "multipart/mixed");
 	} else {
 		if (emfc == NULL)
@@ -1515,7 +1515,7 @@
 		if (valid == NULL) {
 			em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
 			if (ex->desc)
-				em_format_format_error(emf, stream, ex->desc);
+				em_format_format_error(emf, stream, "%s", ex->desc);
 			em_format_part_as(emf, stream, part, "multipart/mixed");
 		} else {
 			if (emfc == NULL)
@@ -1586,7 +1586,7 @@
 	if (!valid) {
 		em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_format_source(emf, stream, ipart);
 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
 		camel_exception_free(ex);
@@ -1658,7 +1658,7 @@
 	if (!valid) {
 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP message"):_("Could not parse PGP message: Unknown error"));
 		if (ex->desc)
-			em_format_format_error(emf, stream, ex->desc);
+			em_format_format_error(emf, stream, "%s", ex->desc);
 		em_format_format_source(emf, stream, ipart);
 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
 		camel_exception_free(ex);
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]