tags 643456 +patch
thanks

I've attached a patch that fixes the build.

In the process of fixing one of the format security warnings I also fixed a potential (but almost certainly non-exploitable and highly unlikely to happen by accident) buffer overflow.
Only in pidgin-festival-2.4: pidgin-festival.spec
diff -ur pidgin-festival-2.4/src/festival.c pidgin-festival-2.4.new/src/festival.c
--- pidgin-festival-2.4/src/festival.c	2009-05-13 06:32:19.000000000 +0000
+++ pidgin-festival-2.4.new/src/festival.c	2011-11-10 02:17:55.000000000 +0000
@@ -103,7 +103,7 @@
     daemon=sndserver;
   }
   else{
-    purple_debug(PURPLE_DEBUG_INFO, "pidgin festival sound method ", sndType);
+    purple_debug(PURPLE_DEBUG_INFO, "pidgin festival sound method ","%s", sndType);
   }
   return daemon;
 }
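Review bot: The added call in the else branch still passes the descriptive text "pidgin festival sound method " as the debug category, and the message has no trailing newline, which libpurple debug messages conventionally carry. The other two calls in this patch use the category "pidgin festival", so `purple_debug(PURPLE_DEBUG_INFO, "pidgin festival", "sound method %s\n", sndType);` would keep the plugin's log lines grouped. If sndType can be NULL on this path, it needs a guard before it reaches `%s`; its origin is above the hunk, as is the start of the enclosing function.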
@@ -320,7 +320,7 @@
 	text->str[i] = ' ';
 
     g_string_printf(buffer,"(SayText \"%s\")", text->str);
-    purple_debug(PURPLE_DEBUG_INFO, "pidgin festival", buffer->str);
+    purple_debug(PURPLE_DEBUG_INFO, "pidgin festival","%s", buffer->str);
     fputs(buffer->str,festival_pf);
     fflush(festival_pf);
     g_string_free(buffer,TRUE);
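Review bot: The format-string fix is right, but `text->str` is still placed inside a Scheme string literal by `g_string_printf(buffer,"(SayText \"%s\")", text->str)` and then written to the Festival pipe. The only sanitising visible here is the `text->str[i] = ' ';` replacement, whose loop condition lies above the hunk. It is worth confirming that it neutralises both `"` and `\`, so that received message text cannot end the literal early. A comment such as `/* text->str must not contain '"' or '\\': it is embedded in a Scheme string literal */` before the `g_string_printf` call would record that requirement. The return values of `fputs` and `fflush` are also ignored, so a dead Festival process goes unnoticed at this point.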
@@ -531,8 +531,8 @@
     return FALSE;
 
   char proc[1024];
-  sprintf(proc, "%s %s", snd((char *)purple_prefs_get_string("/pidgin/sound/method")), line);
-  purple_debug(PURPLE_DEBUG_INFO, "pidgin festival", proc);
+  snprintf(proc,1024, "%s %s", snd((char *)purple_prefs_get_string("/pidgin/sound/method")), line);
+  purple_debug(PURPLE_DEBUG_INFO, "pidgin festival","%s", proc);
 
   int errno=0;
   festival_pf= popen(proc,"w");
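Review bot: The `snprintf` call removes the overflow, but its return value is not checked, so an over-long `line` now yields a silently truncated command string that is still handed to `popen`. Since the surrounding function already returns FALSE on failure, consider `int n = snprintf(proc, sizeof proc, "%s %s", snd((char *)purple_prefs_get_string("/pidgin/sound/method")), line);` followed by `if (n < 0 || (size_t)n >= sizeof proc) return FALSE;`, which also avoids repeating the literal 1024. Because `proc` is run through a shell by `popen`, `line` and the preference value have to come from a trusted source; where `line` is set is outside this hunk. Separately, the context line `int errno=0;` declares a local named `errno`, which clashes with the `<errno.h>` macro if that header is included and is worth cleaning up in a follow-up.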
