[SCM] vdr-plugin-radio packaging repository branch, master, updated. debian/0.9.0-1-4-g7651cc4

Sun Mar 10 22:35:02 UTC 2013

The following commit has been merged in the master branch:
commit 7651cc4c921b2b3be7e616383b98cc19802114fa
Author: etobi <git at e-tobi.net>
Date:   Sun Mar 10 23:19:06 2013 +0100

    Added formatstrings.patch to fix security warning for using non-formatting string

diff --git a/debian/changelog b/debian/changelog
index bac962c..5c081b7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,12 +1,13 @@
-vdr-plugin-radio (0.9.1-1) UNRELEASED; urgency=low
+vdr-plugin-radio (0.9.1-1) experimental; urgency=low
 
   * New upstream release
   * Using debhelper 9
   * Updated debian/copyright
   * Build-depend on vdr-dev (>= 1.7.40)
   * Standards-Version: 3.9.4
+  * Added formatstrings.patch to fix security warning for using non-formatting string
 
- -- Tobias Grimm <etobi at debian.org>  Sun, 10 Mar 2013 23:10:00 +0100
+ -- Tobias Grimm <etobi at debian.org>  Sun, 10 Mar 2013 23:17:59 +0100
 
 vdr-plugin-radio (0.9.0-1) experimental; urgency=low
 
diff --git a/debian/patches/formatstrings.patch b/debian/patches/formatstrings.patch
new file mode 100644
index 0000000..4c550f3
--- /dev/null
+++ b/debian/patches/formatstrings.patch
@@ -0,0 +1,65 @@
+Index: vdr-plugin-radio/radiotools.c
+===================================================================
+--- vdr-plugin-radio.orig/radiotools.c	2013-03-10 23:27:17.000000000 +0100
++++ vdr-plugin-radio/radiotools.c	2013-03-10 23:27:44.000000000 +0100
+@@ -222,7 +222,7 @@
+                             break;
+                 case 0x02:  asprintf(&temp, "V2");
+                             break;
+-                case 0x03:  asprintf(&temp, bitrates[3-layer][data[hl+2] >> 4]);
++                case 0x03:  asprintf(&temp, "%s", bitrates[3-layer][data[hl+2] >> 4]);
+                             break;
+                 }
+             }
+Index: vdr-plugin-radio/radioepg.c
+===================================================================
+--- vdr-plugin-radio.orig/radioepg.c	2013-03-10 23:27:17.000000000 +0100
++++ vdr-plugin-radio/radioepg.c	2013-03-10 23:27:44.000000000 +0100
+@@ -104,8 +104,8 @@
+     int nextevent = epgend - time(NULL);
+ 
+     if (strcmp(RTP_Artist, artist)!=0 || strcmp(RTP_Title, titel)!=0) {
+-        snprintf(RTP_Artist, RT_MEL, artist);
+-        snprintf(RTP_Title, RT_MEL, titel);
++        snprintf(RTP_Artist, RT_MEL, "%s", artist);
++        snprintf(RTP_Title, RT_MEL, "%s", titel);
+         RTP_Starttime = epgstart;
+         struct tm *ts = localtime_r(&RTP_Starttime, &tm_store);
+         if (++rtp_content.rt_Index >= 2*MAX_RTPC) 
+@@ -201,8 +201,8 @@
+     int nextevent = epgend - time(NULL);
+ 
+     if (strcmp(RTP_Artist, artist)!=0 || strcmp(RTP_Title, titel)!=0) {
+-        snprintf(RTP_Artist, RT_MEL, artist);
+-        snprintf(RTP_Title, RT_MEL, titel);
++        snprintf(RTP_Artist, RT_MEL, "%s", artist);
++        snprintf(RTP_Title, RT_MEL, "%s", titel);
+         RTP_Starttime = epgstart;
+         struct tm *ts = localtime_r(&RTP_Starttime, &tm_store);
+         if (++rtp_content.rt_Index >= 2*MAX_RTPC) 
+@@ -275,8 +275,8 @@
+     int nextevent = epgend - time(NULL);
+ 
+     if (strcmp(RTP_Artist, artist)!=0 || strcmp(RTP_Title, titel)!=0) {
+-        snprintf(RTP_Artist, RT_MEL, artist);
+-        snprintf(RTP_Title, RT_MEL, titel);
++        snprintf(RTP_Artist, RT_MEL, "%s", artist);
++        snprintf(RTP_Title, RT_MEL, "%s", titel);
+         RTP_Starttime = epgstart;
+         struct tm *ts = localtime_r(&RTP_Starttime, &tm_store);
+         if (++rtp_content.rt_Index >= 2*MAX_RTPC) 
+Index: vdr-plugin-radio/inforx.c
+===================================================================
+--- vdr-plugin-radio.orig/inforx.c	2011-10-29 16:28:16.000000000 +0200
++++ vdr-plugin-radio/inforx.c	2013-03-10 23:28:13.000000000 +0100
+@@ -119,8 +119,8 @@
+     xhtml2text(artist);
+     xhtml2text(titel);
+ 	if (strcmp(RTP_Artist, artist) != 0 || strcmp(RTP_Title, titel) != 0) {
+-	    snprintf(RTP_Artist, RT_MEL, artist);
+-		snprintf(RTP_Title, RT_MEL, titel);
++	    snprintf(RTP_Artist, RT_MEL, "%s", artist);
++		snprintf(RTP_Title, RT_MEL, "%s", titel);
+ 		RTP_Starttime = time(NULL);
+ 	    sprintf(temp[0], "%s  ok :-)", ident);
+ 	    struct tm *ts = localtime_r(&RTP_Starttime, &tm_store);
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..d7842d0
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+formatstrings.patch
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)

-- 
vdr-plugin-radio packaging repository

