diff -up bar-1.10.9/args.c.format-security bar-1.10.9/args.c
--- bar-1.10.9/args.c.format-security 2014-06-12 16:01:36.990747232 -0400
+++ bar-1.10.9/args.c 2014-06-12 16:04:20.065747232 -0400
@@ -587,7 +587,7 @@ void help(FILE *out)
fprintf(out, "\n ");
screen_used = 7;
}
- fprintf(out, option_buffer);
+ fprintf(out, "%s", option_buffer);
screen_used += strlen(option_buffer);
}
@@ -615,7 +615,7 @@ void help(FILE *out)
fprintf(out, "\n ");
screen_used = 7;
}
- fprintf(out, option_buffer);
+ fprintf(out, "%s", option_buffer);
screen_used += strlen(option_buffer);
}
diff -up bar-1.10.9/display.c.format-security bar-1.10.9/display.c
--- bar-1.10.9/display.c.format-security 2007-06-06 15:07:41.000000000 -0400
+++ bar-1.10.9/display.c 2014-06-12 16:03:29.713747232 -0400
@@ -308,10 +308,10 @@ void displayAnsi(char *fg, char *bg, int
{
if (d.display_ansi) {
if (fg != 0) {
- fprintf(stderr, fg);
+ fprintf(stderr, "%s", fg);
}
if (bg != 0) {
- fprintf(stderr, bg);
+ fprintf(stderr, "%s", bg);
}
if (b) {
fprintf(stderr, "�[1m");