3 http://pkgs.fedoraproject.org/cgit/unzip.git/plain/unzip-6.0-format-secure.patch?id=d18f821e
5 diff --git a/extract.c b/extract.c
6 index eeb2f57..a0a4929 100644
9 @@ -472,8 +472,8 @@ int extract_or_test_files(__G) /* return PK-type error code */
11 Info(slide, 0x401, ((char *)slide,
12 LoadFarString(CentSigMsg), j + blknum*DIR_BLKSIZ + 1));
13 - Info(slide, 0x401, ((char *)slide,
14 - LoadFarString(ReportMsg)));
16 + ((char *)slide,"%s", LoadFarString(ReportMsg)));
17 error_in_archive = PK_BADERR;
19 reached_end = TRUE; /* ...so no more left to do */
20 @@ -752,8 +752,8 @@ int extract_or_test_files(__G) /* return PK-type error code */
23 if (no_endsig_found) { /* just to make sure */
24 - Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
25 - Info(slide, 0x401, ((char *)slide, LoadFarString(ReportMsg)));
26 + Info(slide, 0x401, ((char *)slide,"%s", LoadFarString(EndSigMsg)));
27 + Info(slide, 0x401, ((char *)slide,"%s", LoadFarString(ReportMsg)));
28 if (!error_in_archive) /* don't overwrite stronger error */
29 error_in_archive = PK_WARN;
31 diff --git a/list.c b/list.c
32 index 15e0011..f7359c3 100644
35 @@ -181,7 +181,7 @@ int list_files(__G) /* return PK-type error code */
37 ((char *)slide, LoadFarString(CentSigMsg), j));
39 - ((char *)slide, LoadFarString(ReportMsg)));
40 + ((char *)slide,"%s", LoadFarString(ReportMsg)));
41 return PK_BADERR; /* sig not found */
44 @@ -507,7 +507,8 @@ int list_files(__G) /* return PK-type error code */
45 && (!G.ecrec.is_zip64_archive)
46 && (memcmp(G.sig, end_central_sig, 4) != 0)
47 ) { /* just to make sure again */
48 - Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
50 + ((char *)slide,"%s", LoadFarString(EndSigMsg)));
51 error_in_archive = PK_WARN; /* didn't find sig */
54 @@ -591,7 +592,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
56 ((char *)slide, LoadFarString(CentSigMsg), j));
58 - ((char *)slide, LoadFarString(ReportMsg)));
59 + ((char *)slide,"%s", LoadFarString(ReportMsg)));
60 return PK_BADERR; /* sig not found */
63 @@ -674,7 +675,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
64 ---------------------------------------------------------------------------*/
66 if (memcmp(G.sig, end_central_sig, 4)) { /* just to make sure again */
67 - Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
68 + Info(slide, 0x401, ((char *)slide,"%s", LoadFarString(EndSigMsg)));
69 error_in_archive = PK_WARN;
71 if (*nmember == 0L && error_in_archive <= PK_WARN)
72 diff --git a/zipinfo.c b/zipinfo.c
73 index 6e22cc8..ac5c61b 100644
76 @@ -771,7 +771,7 @@ int zipinfo(__G) /* return PK-type error code */
78 ((char *)slide, LoadFarString(CentSigMsg), j));
80 - ((char *)slide, LoadFarString(ReportMsg)));
81 + ((char *)slide,"%s", LoadFarString(ReportMsg)));
82 error_in_archive = PK_BADERR; /* sig not found */
85 @@ -960,7 +960,8 @@ int zipinfo(__G) /* return PK-type error code */
86 && (!G.ecrec.is_zip64_archive)
87 && (memcmp(G.sig, end_central_sig, 4) != 0)
88 ) { /* just to make sure again */
89 - Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
91 + ((char *)slide,"%s", LoadFarString(EndSigMsg)));
92 error_in_archive = PK_WARN; /* didn't find sig */