commit b8ead3b51144968401288291357452821193bb3b
parent ffff6649185319c6d54aa8da25966e8bdac0c303
Author: Benno Schulenberg <bensberg@telfort.nl>
Date: Mon, 27 Mar 2023 11:47:37 +0200
linter: use a format string, to deflect format-string attacks
This fixes the first part of https://savannah.gnu.org/bugs/?63964.
Reported-by: Vince Vince
Diffstat:
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/text.c b/src/text.c
@@ -2846,7 +2846,7 @@ void do_linter(void)
confirm_margin();
#endif
edit_refresh();
- statusline(NOTICE, curlint->msg);
+ statusline(NOTICE, "%s", curlint->msg);
bottombars(MLINTER);
}
@@ -2877,7 +2877,7 @@ void do_linter(void)
beep();
napms(600);
last_wait = time(NULL);
- statusline(NOTICE, curlint->msg);
+ statusline(NOTICE, "%s", curlint->msg);
}
} else if (function == do_page_down || function == to_next_block) {
if (curlint->next != NULL)
@@ -2887,7 +2887,7 @@ void do_linter(void)
beep();
napms(600);
last_wait = time(NULL);
- statusline(NOTICE, curlint->msg);
+ statusline(NOTICE, "%s", curlint->msg);
}
} else
beep();
