Fix GCC format security check issue(Thanks to Dhiru Kholia).

1 files changed, 22 insertions, 0 deletions

diff --git a/bwm-ng-0.6-format-security.patch b/bwm-ng-0.6-format-security.patch
new file mode 100644
index 0000000..89a67bb
--- /dev/null
+++ b/bwm-ng-0.6-format-security.patch
@@ -0,0 +1,22 @@
+--- a/src/output.c	
++++ a/src/output.c	
+@@ -223,8 +223,8 @@ int print_header(int option) {
+ 		        fprintf(tmp_out_file,"<title>bwm-ng stats</title>\n</head>\n<body>\n");
+ 			}
+ 	        fprintf(tmp_out_file,"<div class=\"bwm-ng-header\">bwm-ng bwm-ng v" VERSION " (refresh %is); input: ",html_refresh);
+-            fprintf(tmp_out_file,input2str());
+-            fprintf(tmp_out_file,show_all_if2str());
++            fprintf(tmp_out_file,"%s",input2str());
++            fprintf(tmp_out_file,"%s",show_all_if2str());
+ 	        fprintf(tmp_out_file,"</div><table class=\"bwm-ng-output\">");
+ 			fprintf(tmp_out_file,"<tr class=\"bwm-ng-head\"><td class=\"bwm-ng-name\">Interface</td><td>Rx</td><td>Tx</td><td>Total</td></tr>");
+ 			break;
+@@ -234,7 +234,7 @@ int print_header(int option) {
+ 			if (output_method==PLAIN_OUT && ansi_output) printf("\033[1;2H");
+ 	        printf("bwm-ng v" VERSION " (delay %2.3fs); ",(float)delay/1000);
+ 			if (output_method==PLAIN_OUT) printf("press 'ctrl-c' to end this%s",(ansi_output ? "\033[2;2H" : "")); else printf("input: ");
+-            printf(input2str());
++            printf("%s", input2str());
+             printf("%s\n",show_all_if2str());
+ 			if (output_method==PLAIN_OUT) {
+ 				if (ansi_output)