[ros-diffs] [tkreuzer] 47490: [FORMAT] Fix "potentially insecure" usage of non-string-literals in printf.

tkreuzer at svn.reactos.org tkreuzer at svn.reactos.org
Mon May 31 15:56:29 CEST 2010 

Author: tkreuzer
Date: Mon May 31 15:56:29 2010
New Revision: 47490

URL: http://svn.reactos.org/svn/reactos?rev=47490&view=rev
Log:
[FORMAT]
Fix "potentially insecure" usage of non-string-literals in printf.

Modified:
    trunk/reactos/base/system/format/format.c

Modified: trunk/reactos/base/system/format/format.c
URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/format/format.c?rev=47490&r1=47489&r2=47490&view=diff
==============================================================================
--- trunk/reactos/base/system/format/format.c [iso-8859-1] (original)
+++ trunk/reactos/base/system/format/format.c [iso-8859-1] Mon May 31 15:56:29 2010
@@ -185,7 +185,7 @@
 		if( *status == FALSE ) {
 
 			LoadString( GetModuleHandle(NULL), STRING_FORMAT_FAIL, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-			_tprintf(szMsg);
+			_tprintf("%s", szMsg);
 			Error = TRUE;
 		}
 		break;
@@ -204,7 +204,7 @@
 	case STRUCTUREPROGRESS:
 	case CLUSTERSIZETOOSMALL:
 		LoadString( GetModuleHandle(NULL), STRING_NO_SUPPORT, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-		_tprintf(szMsg);
+		_tprintf("%s", szMsg);
 		return FALSE;
 	}
 	return TRUE;
@@ -320,7 +320,7 @@
 	//
 	if( !LoadFMIFSEntryPoints()) {
 		LoadString( GetModuleHandle(NULL), STRING_FMIFS_FAIL, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-		_tprintf(szMsg);
+		_tprintf("%s", szMsg);
 		return -1;
 	}
 
@@ -422,7 +422,7 @@
 					break;
 				}
 				LoadString( GetModuleHandle(NULL), STRING_ERROR_LABEL, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-				_tprintf(szMsg);
+				_tprintf("%s", szMsg);
 			}
 		}
 
@@ -471,7 +471,7 @@
 				((float)(LONGLONG)totalNumberOfBytes.QuadPart)/(float)(1024.0*1024.0));
 		}
 		LoadString( GetModuleHandle(NULL), STRING_CREATE_FSYS, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-		_tprintf(szMsg);
+		_tprintf("%s", szMsg);
 	}
 
 	//
@@ -489,7 +489,7 @@
 #endif
 	if( Error ) return -1;
 	LoadString( GetModuleHandle(NULL), STRING_FMT_COMPLETE, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-	_tprintf(szMsg);
+	_tprintf("%s", szMsg);
 
 	//
 	// Enable compression if desired
@@ -504,7 +504,7 @@
 #endif
 
 			LoadString( GetModuleHandle(NULL), STRING_VOL_COMPRESS, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-			_tprintf(szMsg);
+			_tprintf("%s", szMsg);
 		}
 	}
 
@@ -514,7 +514,7 @@
 	if( !GotALabel ) {
 
 		LoadString( GetModuleHandle(NULL), STRING_ENTER_LABEL, (LPTSTR) szMsg,RC_STRING_MAX_SIZE);
-		_tprintf(szMsg);
+		_tprintf("%s", szMsg);
 		_fgetts( input, sizeof(LabelString)/2, stdin );
 
 		input[ _tcslen(input)-1] = 0;

More information about the Ros-diffs mailing list