Description: hardening format string
 We should not pass non-literal strings directly as the format string.
Author: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Last-Update: 2021-01-26
--- a/cmds.c
+++ b/cmds.c
@@ -315,7 +315,7 @@ deleterow(register int arg)
 	rs = rs > 0 ? rs : 0;
 	snprintf(buf, sizeof buf, "Can't delete %d row%s %d row%s left", arg,
 		(arg != 1 ? "s," : ","), rs, (rs != 1 ? "s" : ""));
-	error(buf);
+	error("%s", buf);
 	return;
     }
     if (fr) {
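Review bot: The intermediate `buf` in deleterow is redundant now that the message goes through a variadic `error()`; the text is formatted once by `snprintf` and then copied through `"%s"`. Calling `error("Can't delete %d row%s %d row%s left", arg, (arg != 1 ? "s," : ","), rs, (rs != 1 ? "s" : ""));` directly keeps the format a literal and removes the fixed-size buffer along with any truncation concern. The same applies to the yankrow, yankcol and closecol hunks in this file. The declaration of `buf` is outside the hunk, so confirm it has no other use in each function before dropping it.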
@@ -458,7 +458,7 @@ yankrow(int arg) {
 	rs = rs > 0 ? rs : 0;
 	snprintf(buf, sizeof buf, "Can't yank %d row%s %d row%s left", arg,
 		(arg != 1 ? "s," : ","), rs, (rs != 1 ? "s" : ""));
-	error(buf);
+	error("%s", buf);
 	return;
     }
     sync_refs();
@@ -512,7 +512,7 @@ yankcol(int arg) {
     	cs = cs > 0 ? cs : 0;
 	snprintf(buf, sizeof buf, "Can't yank %d column%s %d column%s left",
 	    arg, (arg != 1 ? "s," : ","), cs, (cs != 1 ? "s" : ""));
-	error(buf);
+	error("%s", buf);
 	return;
     }
     sync_refs();
@@ -1183,7 +1183,7 @@ closecol(int arg)
     	cs = cs > 0 ? cs : 0;
 	snprintf(buf, sizeof buf, "Can't delete %d column%s %d column%s left",
 	    arg, (arg != 1 ? "s," : ","), cs, (cs != 1 ? "s" : ""));
-	error(buf);
+	error("%s", buf);
 	return;
     }
     if (any_locked_cells(0, curcol, maxrow, curcol + arg - 1)) {
--- a/interp.c
+++ b/interp.c
@@ -2046,7 +2046,7 @@ str_search(char *s, int firstrow, int fi
 	scxfree(s);
 	tmp = scxmalloc(160);
 	regerror(errcode, &preg, tmp, sizeof(tmp));
-	error(tmp);
+	error("%s", tmp);
 	scxfree(tmp);
 	return;
     }
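Review bot: The `regerror(errcode, &preg, tmp, sizeof(tmp))` call just above the changed line passes the size of `tmp` itself, not of the buffer. If `tmp` is a `char *`, as its `scxmalloc(160)` assignment suggests, that is the pointer size (4 or 8 bytes), so the text later shown by `error("%s", tmp)` is cut to a few characters. This is a truncation rather than an overflow, but it makes the regex diagnostic unreadable; `regerror(errcode, &preg, tmp, 160);` or a local `char tmp[160]` would fix it. The search_hist hunk in vi.c has the same call with `char *tmp` declared in view. str_search's declarations lie outside this hunk.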
--- a/screen.c
+++ b/screen.c
@@ -1053,7 +1053,7 @@ update(int anychanged)		/* did any cell
     if (revmsg[0]) {
 	(void) move(0, 0);
 	(void) clrtoeol();	/* get rid of topline display */
-	(void) printw(revmsg);
+	(void) printw("%s", revmsg);
 	*revmsg = '\0';		/* don't show it again */
 	if (braille)
 	    if (message)
@@ -1074,7 +1074,7 @@ update(int anychanged)		/* did any cell
     if (revmsg[0]) {
 	(void) move(0, 0);
 	(void) clrtoeol();	/* get rid of topline display */
-	(void) printw(revmsg);
+	(void) printw("%s", revmsg);
 	*revmsg = '\0';		/* don't show it again */
 	if (braille)
 	    if (message)
--- a/vi.c
+++ b/vi.c
@@ -1540,7 +1540,7 @@ search_hist(void) {
     if ((errcode = regcomp(last_search, line, REG_EXTENDED))) {
 	char *tmp = scxmalloc(160);
 	regerror(errcode, last_search, tmp, sizeof(tmp));
-	error(tmp);
+	error("%s", tmp);
 	scxfree(tmp);
 	return;
     }
@@ -2031,7 +2031,7 @@ query(const char *s, char *data)
 	linelim = 0;
     }
     if (s != NULL) {
-    	error(s);
+    	error("%s", s);
     }
 
     while (linelim >= 0) {
--- a/vmtbl.c
+++ b/vmtbl.c
@@ -56,7 +56,7 @@ checkbounds(int *rowp, int *colp)
     newptr = scxrealloc(oldptr, \
 	    nelem * sizeof(type)); \
     if (newptr == (type *)NULL) { \
-	error(msg); \
+	error("%s", msg);		  \
 	return (FALSE); \
     } \
     oldptr = newptr /* wait incase we can't alloc */
@@ -119,7 +119,7 @@ growtbl(int rowcol, int toprow, int topc
     if ((rowcol == GROWCOL) || (rowcol == GROWBOTH)) {
 	if ((rowcol == GROWCOL) && ((maxcols == ABSMAXCOLS) ||
 		(topcol >= ABSMAXCOLS))) {
-	    error(nowider);
+	    error("%s", nowider);
 	    return (FALSE);
 	}
 
@@ -174,7 +174,7 @@ growtbl(int rowcol, int toprow, int topc
 	for (i = 0; i < maxrows; i++) {
 	    if ((tbl[i] = scxrealloc(tbl[i],
 		newcols * sizeof(struct ent **))) == (struct ent **)0) {
-	    error(nowider);
+	    error("%s", nowider);
 	    return(FALSE);
 	    }
 	for (nullit = ATBL(tbl, i, maxcols), cnt = 0;
@@ -192,7 +192,7 @@ growtbl(int rowcol, int toprow, int topc
     for (; i < newrows; i++) {
 	if ((tbl[i] = scxmalloc((newcols *
 		sizeof(struct ent **)))) == NULL) {
-	    error(nowider);
+	    error("%s", nowider);
 	    return(FALSE);
 	}
 	for (nullit = tbl[i], cnt = 0; cnt < newcols; cnt++, nullit++)
--- a/sc.h
+++ b/sc.h
@@ -42,7 +42,7 @@
 #define COLFORMATS	 10	/* Number of custom column formats */
 #define DELBUFSIZE	 40	/* Number of named buffers + 4 */
 #ifdef PSC
-# define error(msg)	fprintf(stderr, msg);
+# define error(format, msg...)	fprintf(stderr, format, ## msg);
 #else
 # define error(format, msg...) (void)(isatty(fileno(stdout)) && !move(1,0) && !clrtoeol() && printw(format, ## msg))
 #endif
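Review bot: Both `error()` definitions still accept a single non-literal argument, because `, ## msg` drops the comma when no variadic arguments are given. Any call site this patch missed, such as a remaining `error(buf)`, therefore compiles unchanged and is still used as a format string. Building with `-Werror=format-security` would turn leftover cases into build failures instead of relying on a manual sweep. Separately, the PSC variant keeps its trailing `;`, so `if (x) error("%s", y); else ...` expands to two statements and breaks the `else`; `# define error(format, msg...)	fprintf(stderr, format, ## msg)` without the semicolon avoids that.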
--- a/gram.y
+++ b/gram.y
@@ -990,7 +990,7 @@ command:	S_LET var_or_range '=' e
 	|	S_QUERY			{ doquery(NULL, NULL, macrofd); }
 	|	S_QUERY '|' NUMBER	{ doquery(NULL, NULL, $3); }
 	|	S_GETKEY		{ dogetkey(); }
-	|	S_ERROR STRING		{ error($2); }
+	|	S_ERROR STRING		{ error("%s", $2); }
 	|	S_STATUS			{ dostat(macrofd); }
 	|	S_STATUS '|' NUMBER	{ dostat($3); }
 	|	S_RECALC		{ EvalAll();
