>change
> bi_errorf(Tbadsubst);
>to
> bi_errorf0(Tbadsubst);
>where bi_errorf0 is declared as
> void bi_errorf0(const char *); // without format check
>and implemented as a weak alias:
> void bi_errorf0(const char *s) __attribute__((weak, alias("bi_errorf")));
For the record: this is both compiler-specific (there’s no direct
use of __attribute__ in the code, and there must not be any use
that can’t be done with other compilers either) and insecure. DO
NOT DO THAT. Those strings are actually format strings and treated
as such.
bye,
//mirabilos
--
(gnutls can also be used, but if you are compiling lynx for your own use,
there is no reason to consider using that package)
-- Thomas E. Dickey on the Lynx mailing list, about OpenSSL
Chih-Hung Hsieh dixit:
>change Tbadsubst) ; Tbadsubst) ; _((weak, alias(" bi_errorf" )));
> bi_errorf(
>to
> bi_errorf0(
>where bi_errorf0 is declared as
> void bi_errorf0(const char *); // without format check
>and implemented as a weak alias:
> void bi_errorf0(const char *s) __attribute_
For the record: this is both compiler-specific (there’s no direct
use of __attribute__ in the code, and there must not be any use
that can’t be done with other compilers either) and insecure. DO
NOT DO THAT. Those strings are actually format strings and treated
as such.
bye,
//mirabilos
--
(gnutls can also be used, but if you are compiling lynx for your own use,
there is no reason to consider using that package)
-- Thomas E. Dickey on the Lynx mailing list, about OpenSSL