Fix possible security vulnerability and fatal error

author Antoine Fontaine <antoine.fontaine@epfl.ch>

Wed, 14 Apr 2021 21:44:28 +0000 (23:44 +0200)

committer Antoine Fontaine <antoine.fontaine@epfl.ch>

Wed, 14 Apr 2021 21:49:27 +0000 (23:49 +0200)
author Antoine Fontaine <antoine.fontaine@epfl.ch>
Wed, 14 Apr 2021 21:44:28 +0000 (23:44 +0200)
committer Antoine Fontaine <antoine.fontaine@epfl.ch>
Wed, 14 Apr 2021 21:49:27 +0000 (23:49 +0200)
diff --git a/tools/heretic2/common/inout.c b/tools/heretic2/common/inout.c

index e0c14841163387ad761e1c7c0457f37de4f6a9b4..b6d272ffdf694588b7c572b0f425cae2d5e87890 100644 (file)
--- a/tools/heretic2/common/inout.c
+++ b/tools/heretic2/common/inout.c
@@ -261,7 +261,7 @@ void FPrintf( int flag, char *buf ){
         static qboolean bGotXML = false;
         char level[2];
  
-       printf( buf );
+       printf( "%s", buf );
  
         // the following part is XML stuff only.. but maybe we don't want that message to go down the XML pipe?
         if ( flag == SYS_NOXML ) {
diff --git a/tools/quake2/common/inout.c b/tools/quake2/common/inout.c

index e0c14841163387ad761e1c7c0457f37de4f6a9b4..b6d272ffdf694588b7c572b0f425cae2d5e87890 100644 (file)
--- a/tools/quake2/common/inout.c
+++ b/tools/quake2/common/inout.c
@@ -261,7 +261,7 @@ void FPrintf( int flag, char *buf ){
         static qboolean bGotXML = false;
         char level[2];
  
-       printf( buf );
+       printf( "%s", buf );
  
         // the following part is XML stuff only.. but maybe we don't want that message to go down the XML pipe?
         if ( flag == SYS_NOXML ) {
author	Antoine Fontaine <antoine.fontaine@epfl.ch>
	Wed, 14 Apr 2021 21:44:28 +0000 (23:44 +0200)
committer	Antoine Fontaine <antoine.fontaine@epfl.ch>
	Wed, 14 Apr 2021 21:49:27 +0000 (23:49 +0200)
tools/heretic2/common/inout.c		patch \| blob \| history
tools/quake2/common/inout.c		patch \| blob \| history