diff options
author | Ray Strode <rstrode@redhat.com> | 2018-03-28 15:28:28 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2018-04-03 10:49:31 -0400 |
commit | ebf152027cd5b39598c9a5f237f5fd17551a2ef2 (patch) | |
tree | 791cf9ad983f6c880cae28acfe442773ea82f8c5 | |
parent | 4334feaacedabf828dbd82ec9c12a15a4727bd46 (diff) | |
download | polkit-ebf152027cd5b39598c9a5f237f5fd17551a2ef2.tar.gz |
jsauthority: pass "%s" format string to report functions
This just avoids the potential for security problems down the line.
Signed-off-by: Ray Strode <rstrode@redhat.com>
https://bugs.freedesktop.org/show_bug.cgi?id=105865
-rw-r--r-- | src/polkitbackend/polkitbackendjsauthority.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp index e8714cf..7c2d032 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp @@ -1469,7 +1469,7 @@ js_polkit_spawn (JSContext *cx, } g_string_append_printf (gstr, ", stdout=`%s', stderr=`%s'", standard_output, standard_error); - JS_ReportErrorUTF8 (cx, gstr->str); + JS_ReportErrorUTF8 (cx, "%s", gstr->str); g_string_free (gstr, TRUE); goto out; } |