diff options
author | Ray Strode <rstrode@redhat.com> | 2018-03-28 15:28:28 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2018-04-03 14:16:29 -0400 |
commit | 00adeee1b6272017bb9db3be908df3a21bddc46b (patch) | |
tree | 791cf9ad983f6c880cae28acfe442773ea82f8c5 /src | |
parent | 9ae27dec3e58c1cc55d91cdf178f1d3e5adb2d07 (diff) | |
download | polkit-00adeee1b6272017bb9db3be908df3a21bddc46b.tar.gz |
jsauthority: pass "%s" format string to report functions
This just avoids the potential for security problems down the line.
Signed-off-by: Ray Strode <rstrode@redhat.com>
https://bugs.freedesktop.org/show_bug.cgi?id=105865
Diffstat (limited to 'src')
-rw-r--r-- | src/polkitbackend/polkitbackendjsauthority.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp index e8714cf..7c2d032 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp @@ -1469,7 +1469,7 @@ js_polkit_spawn (JSContext *cx, } g_string_append_printf (gstr, ", stdout=`%s', stderr=`%s'", standard_output, standard_error); - JS_ReportErrorUTF8 (cx, gstr->str); + JS_ReportErrorUTF8 (cx, "%s", gstr->str); g_string_free (gstr, TRUE); goto out; } |