diff options
author | Ray Strode <rstrode@redhat.com> | 2018-03-28 15:28:28 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2018-03-28 16:46:31 -0400 |
commit | af63d4ac2f05bf60a6d30ccee17f2fb0c7f17b56 (patch) | |
tree | 6764deffc9d57a6b57a73fd7d0bc3d87a4c29759 /src | |
parent | b916901a54afadadd876ac2753e27933a6c69077 (diff) | |
download | polkit-af63d4ac2f05bf60a6d30ccee17f2fb0c7f17b56.tar.gz |
jsauthority: pass "%s" format string to report functions
This just avoids the potential for security problems down the line.
Diffstat (limited to 'src')
-rw-r--r-- | src/polkitbackend/polkitbackendjsauthority.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp index ad2dcd2..5410507 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp @@ -1464,7 +1464,7 @@ js_polkit_spawn (JSContext *cx, } g_string_append_printf (gstr, ", stdout=`%s', stderr=`%s'", standard_output, standard_error); - JS_ReportErrorUTF8 (cx, gstr->str); + JS_ReportErrorUTF8 (cx, "%s", gstr->str); g_string_free (gstr, TRUE); goto out; } |