diff options
author | Christopher Meng <i@cicku.me> | 2014-01-24 16:17:57 +0800 |
---|---|---|
committer | Christopher Meng <i@cicku.me> | 2014-01-24 16:17:57 +0800 |
commit | a633ba34a41f2c5d243744ca7c506ebdabe597d9 (patch) | |
tree | a13df192fa8e063fdc344524f990ff7f6b515160 | |
parent | c25c060ebc1c5b7bacaf4b1393f1be2e7e322437 (diff) | |
download | bwm-ng-a633ba34a41f2c5d243744ca7c506ebdabe597d9.tar.gz bwm-ng-a633ba34a41f2c5d243744ca7c506ebdabe597d9.tar.xz bwm-ng-a633ba34a41f2c5d243744ca7c506ebdabe597d9.zip |
Fix GCC format security check issue(Thanks to Dhiru Kholia).
-rw-r--r-- | bwm-ng-0.6-format-security.patch | 22 | ||||
-rw-r--r-- | bwm-ng.spec | 11 |
2 files changed, 30 insertions, 3 deletions
diff --git a/bwm-ng-0.6-format-security.patch b/bwm-ng-0.6-format-security.patch new file mode 100644 index 0000000..89a67bb --- /dev/null +++ b/bwm-ng-0.6-format-security.patch @@ -0,0 +1,22 @@ +--- a/src/output.c ++++ a/src/output.c +@@ -223,8 +223,8 @@ int print_header(int option) { + fprintf(tmp_out_file,"<title>bwm-ng stats</title>\n</head>\n<body>\n"); + } + fprintf(tmp_out_file,"<div class=\"bwm-ng-header\">bwm-ng bwm-ng v" VERSION " (refresh %is); input: ",html_refresh); +- fprintf(tmp_out_file,input2str()); +- fprintf(tmp_out_file,show_all_if2str()); ++ fprintf(tmp_out_file,"%s",input2str()); ++ fprintf(tmp_out_file,"%s",show_all_if2str()); + fprintf(tmp_out_file,"</div><table class=\"bwm-ng-output\">"); + fprintf(tmp_out_file,"<tr class=\"bwm-ng-head\"><td class=\"bwm-ng-name\">Interface</td><td>Rx</td><td>Tx</td><td>Total</td></tr>"); + break; +@@ -234,7 +234,7 @@ int print_header(int option) { + if (output_method==PLAIN_OUT && ansi_output) printf("\033[1;2H"); + printf("bwm-ng v" VERSION " (delay %2.3fs); ",(float)delay/1000); + if (output_method==PLAIN_OUT) printf("press 'ctrl-c' to end this%s",(ansi_output ? "\033[2;2H" : "")); else printf("input: "); +- printf(input2str()); ++ printf("%s", input2str()); + printf("%s\n",show_all_if2str()); + if (output_method==PLAIN_OUT) { + if (ansi_output) diff --git a/bwm-ng.spec b/bwm-ng.spec index 01134da..751c756 100644 --- a/bwm-ng.spec +++ b/bwm-ng.spec @@ -1,15 +1,16 @@ Name: bwm-ng Version: 0.6 -Release: 13%{?dist} +Release: 14%{?dist} Summary: Bandwidth Monitor NG License: GPLv2+ URL: http://www.volker-gropp.de/?id=projects&sub=bwm-ng Source0: http://www.volker-gropp.de/bwm-ng/%{name}-%{version}.tar.gz Source1: bwm-ng.conf -Requires: hostname -Requires: procps +Patch0: bwm-ng-0.6-format-security.patch BuildRequires: libstatgrab-devel BuildRequires: ncurses-devel +Requires: hostname +Requires: procps %description A small and simple console-based live network and disk io bandwidth monitor. @@ -26,6 +27,7 @@ Features: %prep %setup -q +%patch0 -p1 %build %configure --enable-64bit \ @@ -54,6 +56,9 @@ install -pDm644 bwm-ng.1 %{buildroot}%{_mandir}/man1/bwm-ng.1 %{_mandir}/man1/bwm-ng.1* %changelog +* Fri Jan 03 2014 Christopher Meng <rpm@cicku.me> - 0.6-14 +- Fix gcc dumb security check issue. + * Sun Oct 13 2013 Ralf Corsépius <corsepiu@fedoraproject.org> - 0.6-13 - Fix spec-file corruption caused by previous patch. - Rebuild for libstatgrab. |