fix security flaw where untrusted input wasn't being sanitized

2025-06-29 13:26:44 +02:00 · 2014-07-26 21:22:55 -04:00
parent 3cae1d92cd
commit 77e152ad36
2 changed files with 13 additions and 6 deletions
--- a/src/line_info.h
+++ b/src/line_info.h
@ -67,7 +67,8 @@ struct history {
    int queue_sz;
 };

-/* creates new line_info line and puts it in the queue */
+/* creates new line_info line and puts it in the queue. 
+   SYS_MSG lines may contain an arbitrary number of arguments for string formatting */
 void line_info_add(ToxWindow *self, char *tmstmp, char *name1, char *name2, uint8_t type, uint8_t bold, 
                   uint8_t colour, const char *msg, ...);