ericonr
/
util-linux
mirror of https://github.com/ericonr/util-linux.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

script: don't use strings from user as printf-format [coverity scan] 

Let's avoid format string vulnerability (TAINTED_STRING).

Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
Karel Zak 2020-10-01 13:29:46 +02:00
parent f831651e3a
commit bd4739dae2
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
term-utils/script.c
View File

@ -1006,14 +1006,14 @@ int main(int argc, char **argv)
log_info(&ctl, "COLUMNS", "%d", ctl.ttycols);
log_info(&ctl, "LINES", "%d", ctl.ttylines);
}
log_info(&ctl, "SHELL", shell);
log_info(&ctl, "SHELL", "%s", shell);
if (command)
log_info(&ctl, "COMMAND", command);
log_info(&ctl, "TIMING_LOG", timingfile);
log_info(&ctl, "COMMAND", "%s", command);
log_info(&ctl, "TIMING_LOG", "%s", timingfile);
if (outfile)
log_info(&ctl, "OUTPUT_LOG", outfile);
log_info(&ctl, "OUTPUT_LOG", "%s", outfile);
if (infile)
log_info(&ctl, "INPUT_LOG", infile);
log_info(&ctl, "INPUT_LOG", "%s", infile);
}
/* this is the main loop */