b9d1cda69c
Security alert: prompt_slk_response() has a format string problem, and 'subject' is controlled by the remote side; this may cause some problems. Patches by Matthieu Herrb <matthieu.herrb@laas.fr>
$OpenBSD: patch-src-post_c,v 1.1 2001/08/31 10:27:19 shell Exp $
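--- src/post.c.orig Thu Sep 21 01:07:23 2000
+++ src/post.c Fri Aug 31 18:10:16 2001
@@ -183,7 +183,7 @@
 prompt_to_send (
 const char *subject)
 {
- return (prompt_slk_response (iKeyPostSend, TIN_SEND_KEYS, sized_message(txt_quit_edit_send, subject)));
+ return (prompt_slk_response (iKeyPostSend, TIN_SEND_KEYS, "%s", sized_message(txt_quit_edit_send, subject)));
 }
 
 
@@ -197,7 +197,7 @@
 my_fflush(stderr);
 Raw (TRUE);
 
- return (prompt_slk_response (iKeyPostEdit, TIN_EDIT_KEYS, txt_quit_edit_postpone));
+ return (prompt_slk_response (iKeyPostEdit, TIN_EDIT_KEYS, "%s", txt_quit_edit_postpone));
 }
 
 
@@ -207,7 +207,7 @@
 {
 int ch;
 
- ch = prompt_slk_response (iKeyPostEdit, TIN_EDIT_KEYS_EXT, txt_bad_article);
+ ch = prompt_slk_response (iKeyPostEdit, TIN_EDIT_KEYS_EXT, "%s", txt_bad_article);
 
 *result = ch;
 if (ch == iKeyPostEdit) {
@@ -1161,10 +1161,10 @@
 break;
 }
 if (type != POST_REPOST)
- ch = prompt_slk_response(iKeyPostPost, TIN_POST_KEYS, txt_quit_edit_post);
+ ch = prompt_slk_response(iKeyPostPost, TIN_POST_KEYS, "%s", txt_quit_edit_post);
 else
 /* Superfluous force_command stuff not used in current code */
- ch = (/*force_command ? ch_default :*/ prompt_slk_response (ch, TIN_POST_KEYS, sized_message(txt_quit_edit_xpost, note_h.subj)));
+ ch = (/*force_command ? ch_default :*/ prompt_slk_response (ch, TIN_POST_KEYS, "%s", sized_message(txt_quit_edit_xpost, note_h.subj)));
 }
 
 post_article_done:
@@ -1650,7 +1650,7 @@
 return TRUE;
 
 if (!all) {
- ch = prompt_slk_response (iKeyPostponeYes, "\033qyYnA", sized_message(txt_postpone_repost, subject));
+ ch = prompt_slk_response (iKeyPostponeYes, "\033qyYnA", "%s", sized_message(txt_postpone_repost, subject));
 
 if (ch == iKeyPostponeYesAll)
 all = TRUE;
@@ -1967,7 +1967,7 @@
 
 if (*note_h.followup && STRCMPEQ(note_h.followup, "poster")) {
 /* clear_message (); */
- ch = prompt_slk_response(iKeyPageMail, "\033mpyq", txt_resp_to_poster);
+ ch = prompt_slk_response(iKeyPageMail, "\033mpyq", "%s", txt_resp_to_poster);
 switch (ch) {
 case iKeyPostPost:
 case iKeyPostPost2:
@@ -2011,7 +2011,7 @@
 }
 my_flush ();
 
- ch = prompt_slk_response(iKeyPostPost, "\033ipqy", txt_prompt_fup_ignore);
+ ch = prompt_slk_response(iKeyPostPost, "\033ipqy", "%s", txt_prompt_fup_ignore);
 switch (ch) {
 case iKeyQuit:
 case iKeyAbort:
@@ -2305,7 +2305,7 @@
 else
 sprintf (subject, "(fwd) %s\n", note_h.subj);
 
- if ((fp = create_mail_headers(nam, TIN_LETTER, mail_to, subject)) == NULL)
+ if ((fp = create_mail_headers(nam, TIN_LETTER, mail_to, subject)) == NULL)
 return redraw_screen;
 
 if (mail_to_poster) {
@@ -2674,7 +2674,7 @@
 fclose (fp);
 
 if (spamtrap_found) {
- ch = prompt_slk_response (iKeyPostContinue, TIN_CONT_KEYS, txt_warn_suspicious_mail);
+ ch = prompt_slk_response (iKeyPostContinue, TIN_CONT_KEYS, "%s", txt_warn_suspicious_mail);
 switch (ch) {
 case iKeyPostAbort:
 case iKeyAbort:
@@ -2955,7 +2955,7 @@
 return redraw_screen;
 #endif /* FORGERY */
 } else {
- option = prompt_slk_response (option_default, "\033dqs", sized_message(txt_cancel_article, art->subject));
+ option = prompt_slk_response (option_default, "\033dqs", "%s", sized_message(txt_cancel_article, art->subject));
 
 switch (option) {
 case iKeyPostCancel:
@@ -3069,7 +3069,7 @@
 Raw (oldraw);
 
 forever {
- ch = prompt_slk_response(ch_default, "\033deq", sized_message(txt_quit_cancel, note_h.subj));
+ ch = prompt_slk_response(ch_default, "\033deq", "%s", sized_message(txt_quit_cancel, note_h.subj));
 switch (ch) {
 case iKeyPostEdit:
 invoke_editor (cancel, start_line_offset);
@@ -3272,7 +3272,7 @@
 force_command = TRUE;
 }
 
- ch = (force_command ? ch_default : prompt_slk_response (ch_default, TIN_POST_KEYS, sized_message(txt_quit_edit_xpost, note_h.subj)));
+ ch = (force_command ? ch_default : prompt_slk_response (ch_default, TIN_POST_KEYS, "%s", sized_message(txt_quit_edit_xpost, note_h.subj)));
 
 return (post_loop(POST_REPOST, psGrp, ch,
 (Superseding ? txt_superseding_art : txt_repost_an_article),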
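Review bot: In the hunk at -2305 the context line `sprintf (subject, "(fwd) %s\n", note_h.subj);` still writes the article subject into `subject` with no length bound, and the commit message itself describes the subject as remote-controlled; the only visible change in that hunk is whitespace on the `create_mail_headers` line. The declaration of `subject` lies outside the hunk, so whether this can overflow depends on its size relative to `note_h.subj` plus the seven added bytes; if `subject` is an array in scope, `snprintf (subject, sizeof(subject), "(fwd) %s\n", note_h.subj);` would settle it. Separately, the `"%s"` fixes rely on every `prompt_slk_response` call site having been found by hand. If the project's compilers support it, declaring the function with `__attribute__((format(printf, 3, 4)))` would let `-Wformat-security` flag any non-literal format argument that remains or is added later.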