Expect

View Ticket
Login

View Ticket

Edit New Ticket Plaintext
Ticket Hash: 094d670f6250f34c7fcc62afdcfcede5083ea9b8
Title: -Werror=format-security failures with building expect 5.45.4
Status: Open Type: Code_Defect
Severity: Important Priority:
Subsystem: Resolution:
Last Modified: 2022-04-19 21:52:02
Version Found In: 5.45.4
User Comments:
anonymous added on 2022-04-19 21:52:02:

the following patch is needed to build the code with -Werror=format-security, which is a optional security test to avoid format-string vulnerabilities in C/C++ code. 

--- exp_clib.c.orig	2017-03-24 10:34:37.269183513 -0400
+++ exp_clib.c	2017-03-24 10:34:41.171117943 -0400
@@ -1938,8 +1938,8 @@
      char *str;
 {
   if (exp_is_debugging) {
-    fprintf(stderr,str);
-    if (exp_logfile) fprintf(exp_logfile,str);
+    fprintf(stderr, "%s", str);
+    if (exp_logfile) fprintf(exp_logfile, "%s", str);
   }
 }