From 27752e368cc8e6325894d3a2a31f3faa80cbd93f Mon Sep 17 00:00:00 2001
From: Xavier Roche <xroche@users.noreply.github.com>
Date: Wed, 28 May 2014 18:31:40 +0000
Subject: Rewrite template formatting to be format-injection proof.

---
 src/htscore.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/htscore.c')

diff --git a/src/htscore.c b/src/htscore.c
index 80efcb9..b1dac1a 100644
--- a/src/htscore.c
+++ b/src/htscore.c
@@ -387,9 +387,9 @@ if (makeindex_fp) { \
     sprintf(tempo,"<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=%s\">"CRLF, link_escaped); \
   } else \
     tempo[0]='\0'; \
-  fprintf(makeindex_fp,template_footer, \
+    hts_template_format(makeindex_fp,template_footer, \
     "<!-- Mirror and index made by HTTrack Website Copier/"HTTRACK_VERSION" "HTTRACK_AFF_AUTHORS" -->", \
-    tempo \
+    tempo, /* EOF */ NULL \
     ); \
   fflush(makeindex_fp); \
   fclose(makeindex_fp);  /* à ne pas oublier sinon on passe une nuit blanche */  \
-- 
cgit v1.2.3