From 6df7abcfa97c74250fb72cc86684e45aa593b79e Mon Sep 17 00:00:00 2001
From: Derek Atkins
Date: Sun, 15 Jun 2003 22:51:40 +0000
Subject: [PATCH] * src/business/business-gnome/dialog-billterms.c:
* src/business/business-gnome/dialog-customer.c:
* src/business/business-gnome/dialog-employee.c:
* src/business/business-gnome/dialog-payment.c:
* src/business/business-gnome/dialog-vendor.c:
* src/business/dialog-tax-table/dialog-tax-table.c:
* src/gnome/dialog-scheduledxaction.c:
* src/gnome/gnc-split-reg.c:
* src/import-export/hbci/hbci-interaction.c:
Change dialog statements to allow for embedded percent signs in the messages. In other words, don't allow user input into the format string of a printf.
There may be other forms of this bug elsewhere -- the code should be manually scrubbed file by file for all printf()'s to make sure no user-servicable strings are used as a printf format argument.
Fixes #115245.
git-svn-id: svn+ssh://svn.gnucash.org/repo/gnucash/trunk@8613 57a11ea4-9604-0410-9ed3-97b8803252fd
---
 src/business/business-gnome/dialog-billterms.c | 10 ++++------
 src/business/business-gnome/dialog-customer.c | 6 +++---
 src/business/business-gnome/dialog-employee.c | 2 +-
 src/business/business-gnome/dialog-payment.c | 2 +-
 src/business/business-gnome/dialog-vendor.c | 2 +-
 src/business/dialog-tax-table/dialog-tax-table.c | 4 ++--
 src/gnome/dialog-scheduledxaction.c | 4 ++--
 src/gnome/gnc-split-reg.c | 8 ++++----
 src/import-export/hbci/hbci-interaction.c | 4 ++--
 9 files changed, 20 insertions(+), 22 deletions(-)
diff --git a/src/business/business-gnome/dialog-billterms.c b/src/business/business-gnome/dialog-billterms.c
index 530846e7b5..528f8e1550 100644
--- a/src/business/business-gnome/dialog-billterms.c
+++ b/src/business/business-gnome/dialog-billterms.c
@@ -264,7 +264,7 @@ new_billterm_ok_cb (GtkWidget *widget, gpointer data)
 message = g_strdup_printf(_(
 "You must provide a unique name for this Billing Term.\n"
 "Your choice \"%s\" is already in use."), name);
- gnc_error_dialog_parented (GTK_WINDOW (nbt->dialog), message);
+ gnc_error_dialog_parented (GTK_WINDOW (nbt->dialog), "%s", message);
 g_free (message);
 return;
 }
@@ -604,11 +604,9 @@ billterms_delete_term_cb (GtkButton *button, BillTermsWindow *btw)
 return;
 if (gncBillTermGetRefcount (btw->current_term) > 0) {
- char *message =
- g_strdup_printf (_("Term \"%s\" is in use. You cannot delete it."),
- gncBillTermGetName (btw->current_term));
- gnc_error_dialog_parented (GTK_WINDOW (btw->dialog), message);
- g_free (message);
+ gnc_error_dialog_parented (GTK_WINDOW (btw->dialog),
+ _("Term \"%s\" is in use. You cannot delete it."),
+ gncBillTermGetName (btw->current_term));
 return;
 }
diff --git a/src/business/business-gnome/dialog-customer.c b/src/business/business-gnome/dialog-customer.c
index da23c05c98..8a50ded938 100644
--- a/src/business/business-gnome/dialog-customer.c
+++ b/src/business/business-gnome/dialog-customer.c
@@ -195,7 +195,7 @@ static gboolean check_edit_amount (GtkWidget *dialog, GtkWidget *amount,
 {
 if (!gnc_amount_edit_evaluate (GNC_AMOUNT_EDIT (amount))) {
 if (error_message)
- gnc_error_dialog_parented (GTK_WINDOW (dialog), error_message);
+ gnc_error_dialog_parented (GTK_WINDOW (dialog), "%s", error_message);
 return TRUE;
 }
 /* We've got a valid-looking number; check mix/max */
@@ -204,7 +204,7 @@ static gboolean check_edit_amount (GtkWidget *dialog, GtkWidget *amount,
 if ((min && gnc_numeric_compare (*min, val) > 0) ||
 (max && gnc_numeric_compare (val, *max) > 0)) {
 if (error_message)
- gnc_error_dialog_parented (GTK_WINDOW (dialog), error_message);
+ gnc_error_dialog_parented (GTK_WINDOW (dialog), "%s", error_message);
 return TRUE;
 }
 }
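Review bot: Adding `"%s"` at each call site in new_billterm_ok_cb fixes this caller, but nothing prevents the next caller from passing a non-literal format again, which the commit message itself expects to exist elsewhere. Declaring the dialog helpers with GLib's format attribute in their header, e.g. `void gnc_error_dialog_parented (GtkWindow *parent, const char *format, ...) G_GNUC_PRINTF (2, 3);` (parameter positions inferred from the calls here; adjust to the real prototype), lets `-Wformat -Wformat-security` report every remaining non-literal format at build time instead of relying on a manual scrub. The same applies to the verify, question, warning and ok_cancel variants touched in the other hunks of this patch.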
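Review bot: billterms_delete_term_cb now passes the translated string directly as the format and drops the g_strdup_printf/g_free pair, whereas the parallel tax_table_delete_table_cb hunk in dialog-tax-table.c keeps the intermediate buffer and adds `"%s"`. Both are correct, since the format is a string literal under `_()` either way, but using one shape across the patch makes later audits a plain search for dialog calls whose format argument is not a literal; the direct-format form used here would fit dialog-tax-table.c just as well.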
@@ -217,7 +217,7 @@ static gboolean check_entry_nonempty (GtkWidget *dialog, GtkWidget *entry,
 const char *res = gtk_entry_get_text (GTK_ENTRY (entry));
 if (safe_strcmp (res, "") == 0) {
 if (error_message)
- gnc_error_dialog_parented (GTK_WINDOW (dialog), error_message);
+ gnc_error_dialog_parented (GTK_WINDOW (dialog), "%s", error_message);
 return TRUE;
 }
 return FALSE;
diff --git a/src/business/business-gnome/dialog-employee.c b/src/business/business-gnome/dialog-employee.c
index e2c1f1c936..0edab4ab82 100644
--- a/src/business/business-gnome/dialog-employee.c
+++ b/src/business/business-gnome/dialog-employee.c
@@ -174,7 +174,7 @@ static gboolean check_entry_nonempty (GtkWidget *dialog, GtkWidget *entry,
 const char *res = gtk_entry_get_text (GTK_ENTRY (entry));
 if (safe_strcmp (res, "") == 0) {
 if (error_message)
- gnc_error_dialog_parented (GTK_WINDOW (dialog), error_message);
+ gnc_error_dialog_parented (GTK_WINDOW (dialog), "%s", error_message);
 return TRUE;
 }
 return FALSE;
diff --git a/src/business/business-gnome/dialog-payment.c b/src/business/business-gnome/dialog-payment.c
index 46f9ecec07..fcb5717051 100644
--- a/src/business/business-gnome/dialog-payment.c
+++ b/src/business/business-gnome/dialog-payment.c
@@ -122,7 +122,7 @@ gnc_payment_ok_cb (GtkWidget *widget, gpointer data)
 char *msg = g_strdup_printf (
 _("Your selected post account, %s, does not exist"),
 text);
- gnc_error_dialog_parented (GTK_WINDOW (pw->dialog), msg);
+ gnc_error_dialog_parented (GTK_WINDOW (pw->dialog), "%s", msg);
 g_free (msg);
 return;
 }
diff --git a/src/business/business-gnome/dialog-vendor.c b/src/business/business-gnome/dialog-vendor.c
index 3e32420964..cfb36a813e 100644
--- a/src/business/business-gnome/dialog-vendor.c
+++ b/src/business/business-gnome/dialog-vendor.c
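Review bot: check_entry_nonempty receives the identical one-line fix here, in dialog-employee.c (the next hunk) and in dialog-vendor.c, which indicates the helper is duplicated across the three business dialogs. Hoisting it into one shared helper in business-gnome would mean a format-string fix like this one is made once, and a fourth copy cannot be missed; as written, the three copies will keep drifting apart.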
@@ -156,7 +156,7 @@ static gboolean check_entry_nonempty (GtkWidget *dialog, GtkWidget *entry,
 const char *res = gtk_entry_get_text (GTK_ENTRY (entry));
 if (safe_strcmp (res, "") == 0) {
 if (error_message)
- gnc_error_dialog_parented (GTK_WINDOW (dialog), error_message);
+ gnc_error_dialog_parented (GTK_WINDOW (dialog), "%s", error_message);
 return TRUE;
 }
 return FALSE;
diff --git a/src/business/dialog-tax-table/dialog-tax-table.c b/src/business/dialog-tax-table/dialog-tax-table.c
index 1b1b5d3b37..cd42614eab 100644
--- a/src/business/dialog-tax-table/dialog-tax-table.c
+++ b/src/business/dialog-tax-table/dialog-tax-table.c
@@ -76,7 +76,7 @@ new_tax_table_ok_cb (GtkWidget *widget, gpointer data)
 message = g_strdup_printf(_(
 "You must provide a unique name for this Tax Table.\n"
 "Your choice \"%s\" is already in use."), name);
- gnc_error_dialog_parented (GTK_WINDOW (ntt->dialog), message);
+ gnc_error_dialog_parented (GTK_WINDOW (ntt->dialog), "%s", message);
 g_free (message);
 return;
 }
@@ -509,7 +509,7 @@ tax_table_delete_table_cb (GtkButton *button, TaxTableWindow *ttw)
 char *message =
 g_strdup_printf (_("Tax table \"%s\" is in use. You cannot delete it."),
 gncTaxTableGetName (ttw->current_table));
- gnc_error_dialog_parented (GTK_WINDOW (ttw->dialog), message);
+ gnc_error_dialog_parented (GTK_WINDOW (ttw->dialog), "%s", message);
 g_free (message);
 return;
 }
diff --git a/src/gnome/dialog-scheduledxaction.c b/src/gnome/dialog-scheduledxaction.c
index 0d897e47ee..15f1e4ece5 100644
--- a/src/gnome/dialog-scheduledxaction.c
+++ b/src/gnome/dialog-scheduledxaction.c
@@ -1757,7 +1757,7 @@ delete_button_clicked( GtkButton *b, gpointer d )
 * they confirm they actually want to do the deletion
 * generically. If it's false, cleanup and return. */
 if ( ! (destroyOpenedResult =
- gnc_verify_dialog_parented( sxd->dialog, FALSE,
+ gnc_verify_dialog_parented( sxd->dialog, FALSE, "%s",
 realConfDelOpenMsg->str )) ) {
 for ( l = beingEditedList; l; l = l->next ) {
 g_list_free( (GList*)l->data );
@@ -1768,7 +1768,7 @@ delete_button_clicked( GtkButton *b, gpointer d )
 }
 }
- if ( gnc_verify_dialog_parented( sxd->dialog, FALSE,
+ if ( gnc_verify_dialog_parented( sxd->dialog, FALSE, "%s",
 realConfDeleteMsg->str ) ) {
 /* Close the being-edited transactions. */
 if ( destroyOpenedResult ) {
diff --git a/src/gnome/gnc-split-reg.c b/src/gnome/gnc-split-reg.c
index 5d6963eb34..0795c4bfbd 100644
--- a/src/gnome/gnc-split-reg.c
+++ b/src/gnome/gnc-split-reg.c
@@ -1163,10 +1163,10 @@ gsr_default_delete_handler( GNCSplitReg *gsr, gpointer data )
 g_free (buf);
 buf = new_buf;
 result =
- gnc_generic_warning_dialog_parented(gsr->window, two_choices, buf);
+ gnc_generic_warning_dialog_parented(gsr->window, two_choices, "%s", buf);
 } else {
 result =
- gnc_generic_question_dialog_parented(gsr->window, two_choices,buf);
+ gnc_generic_question_dialog_parented(gsr->window, two_choices, "%s", buf);
 }
 g_free(buf);
@@ -1197,7 +1197,7 @@ gsr_default_delete_handler( GNCSplitReg *gsr, gpointer data )
 } else {
 buf = g_strdup (message);
 result =
- gnc_generic_question_dialog_parented(gsr->window, two_choices,buf);
+ gnc_generic_question_dialog_parented(gsr->window, two_choices, buf);
 }
 g_free (buf);
@@ -2098,7 +2098,7 @@ gtk_callback_bug_workaround (gpointer argp)
 {
 dialog_args *args = argp;
- gnc_warning_dialog_parented(args->gsr->window, args->string);
+ gnc_warning_dialog_parented(args->gsr->window, "%s", args->string);
 g_free(args);
 return FALSE;
 }
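Review bot: The `@@ -1197` hunk in gnc-split-reg.c does not add the format argument: the new line `gnc_generic_question_dialog_parented(gsr->window, two_choices, buf);` differs from the removed one only by a space after the comma, so `buf` is still handed to the dialog as the format string. It should read `gnc_generic_question_dialog_parented(gsr->window, two_choices, "%s", buf);`, matching the two calls corrected in the `@@ -1163` hunk directly above. Whether `message`, which is copied into `buf` on the line before the call, can carry user-controlled text is not visible here; gsr_default_delete_handler starts and ends outside both hunks.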
diff --git a/src/import-export/hbci/hbci-interaction.c b/src/import-export/hbci/hbci-interaction.c
index 2f37f91010..06abc96f9a 100644
--- a/src/import-export/hbci/hbci-interaction.c
+++ b/src/import-export/hbci/hbci-interaction.c
@@ -345,7 +345,7 @@ static int msgInsertMediumOrAbort(const HBCI_User *user,
 retval =
 gnc_ok_cancel_dialog_parented (data->parent,
 GNC_VERIFY_OK,
- msgstr);
+ "%s", msgstr);
 g_free (msgstr);
 return (retval == GNC_VERIFY_OK);
@@ -414,7 +414,7 @@ static int msgInsertCorrectMediumOrAbort(const HBCI_User *user,
 retval =
 gnc_ok_cancel_dialog_parented (data->parent,
 GNC_VERIFY_OK,
- msgstr);
+ "%s", msgstr);
 g_free (msgstr);
 return (retval == GNC_VERIFY_OK);