Expect: View Ticket

Ticket Hash:	094d670f6250f34c7fcc62afdcfcede5083ea9b8
Title:	-Werror=format-security failures with building expect 5.45.4
Status:	Open	Type:	Code_Defect
Severity:	Important	Priority:
Subsystem:		Resolution:
Last Modified:	2022-04-19 21:52:02 3.20 years ago	Created:	2022-04-19 21:52:02 3.20 years ago
Version Found In:	5.45.4

User Comments:

anonymous added on 2022-04-19 21:52:02:

the following patch is needed to build the code with -Werror=format-security, which is a optional security test to avoid format-string vulnerabilities in C/C++ code.

--- exp_clib.c.orig	2017-03-24 10:34:37.269183513 -0400
+++ exp_clib.c	2017-03-24 10:34:41.171117943 -0400
@@ -1938,8 +1938,8 @@
      char *str;
 {
   if (exp_is_debugging) {
-    fprintf(stderr,str);
-    if (exp_logfile) fprintf(exp_logfile,str);
+    fprintf(stderr, "%s", str);
+    if (exp_logfile) fprintf(exp_logfile, "%s", str);
   }
 }