diff -Naur nss-3.12.3/mozilla/security/nss/cmd/certcgi/certcgi.c nss-3.12.3.tpg/mozilla/security/nss/cmd/certcgi/certcgi.c --- nss-3.12.3/mozilla/security/nss/cmd/certcgi/certcgi.c 2008-02-16 01:17:40.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/certcgi/certcgi.c 2009-05-30 17:24:44.000000000 +0000 @@ -97,7 +97,7 @@ error_out(char *error_string) { printf("Content-type: text/plain\n\n"); - printf(error_string); + printf("%s", error_string); fflush(stderr); fflush(stdout); exit(1); diff -Naur nss-3.12.3/mozilla/security/nss/cmd/certutil/certext.c nss-3.12.3.tpg/mozilla/security/nss/cmd/certutil/certext.c --- nss-3.12.3/mozilla/security/nss/cmd/certutil/certext.c 2009-02-19 19:51:52.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/certutil/certext.c 2009-05-30 17:24:44.000000000 +0000 @@ -100,7 +100,7 @@ static SECStatus PrintChoicesAndGetAnswer(char* str, char* rBuff, int rSize) { - fprintf(stdout, str); + fprintf(stdout, "%s", str); fprintf(stdout, " > "); fflush (stdout); if (Gets_s(rBuff, rSize) == NULL) { diff -Naur nss-3.12.3/mozilla/security/nss/cmd/certutil/keystuff.c nss-3.12.3.tpg/mozilla/security/nss/cmd/certutil/keystuff.c --- nss-3.12.3/mozilla/security/nss/cmd/certutil/keystuff.c 2009-02-19 04:24:41.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/certutil/keystuff.c 2009-05-30 17:24:44.000000000 +0000 @@ -95,7 +95,7 @@ char meter[] = { "\r| |" }; -#define FPS fprintf(stderr, +#define FPS fprintf(stderr, "%s", FPS "\n"); FPS "A random seed must be generated that will be used in the\n"); FPS "creation of your key. One of the easiest ways to create a\n"); diff -Naur nss-3.12.3/mozilla/security/nss/cmd/digest/digest.c nss-3.12.3.tpg/mozilla/security/nss/cmd/digest/digest.c --- nss-3.12.3/mozilla/security/nss/cmd/digest/digest.c 2004-10-07 04:13:50.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/digest/digest.c 2009-05-30 17:24:44.000000000 +0000 @@ -105,7 +105,7 @@ "-t type"); fprintf(stderr, "%-20s ", ""); for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) { - fprintf(stderr, HashTypeToOID(htype)->desc); + fprintf(stderr, "%s", HashTypeToOID(htype)->desc); if (htype == (HASH_AlgTOTAL - 2)) fprintf(stderr, " or "); else if (htype != (HASH_AlgTOTAL - 1)) diff -Naur nss-3.12.3/mozilla/security/nss/cmd/lib/secutil.c nss-3.12.3.tpg/mozilla/security/nss/cmd/lib/secutil.c --- nss-3.12.3/mozilla/security/nss/cmd/lib/secutil.c 2009-03-17 08:46:24.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/lib/secutil.c 2009-05-30 17:24:44.000000000 +0000 @@ -1067,7 +1067,7 @@ } if (PR_FormatTime(timeString, 256, "%a %b %d %H:%M:%S %Y", &printableTime)) { - fprintf(out, timeString); + fprintf(out, "%s", timeString); } if (m != NULL) @@ -2848,7 +2848,7 @@ iv = 0; while ((entry = crl->entries[iv++]) != NULL) { sprintf(om, "Entry (%x):\n", iv); - SECU_Indent(out, level + 1); fprintf(out, om); + SECU_Indent(out, level + 1); fprintf(out, "%s", om); SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number", level + 2); SECU_PrintTimeChoice(out, &(entry->revocationDate), diff -Naur nss-3.12.3/mozilla/security/nss/cmd/pk12util/pk12util.c nss-3.12.3.tpg/mozilla/security/nss/cmd/pk12util/pk12util.c --- nss-3.12.3/mozilla/security/nss/cmd/pk12util/pk12util.c 2008-09-26 17:45:16.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/pk12util/pk12util.c 2009-05-30 17:24:44.000000000 +0000 @@ -555,11 +555,11 @@ if ((error_value == SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY) || (error_value == SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME) || (error_value == SEC_ERROR_PKCS12_UNABLE_TO_WRITE)) { - fprintf(stderr, SECU_ErrorStringRaw((int16)error_value)); + fprintf(stderr, "%s", SECU_ErrorStringRaw((int16)error_value)); } else if(error_value == SEC_ERROR_USER_CANCELLED) { ; } else { - fprintf(stderr, SECU_ErrorStringRaw(SEC_ERROR_EXPORTING_CERTIFICATES)); + fprintf(stderr, "%s", SECU_ErrorStringRaw(SEC_ERROR_EXPORTING_CERTIFICATES)); } } diff -Naur nss-3.12.3/mozilla/security/nss/cmd/signver/pk7print.c nss-3.12.3.tpg/mozilla/security/nss/cmd/signver/pk7print.c --- nss-3.12.3/mozilla/security/nss/cmd/signver/pk7print.c 2008-10-06 23:37:54.000000000 +0000 +++ nss-3.12.3.tpg/mozilla/security/nss/cmd/signver/pk7print.c 2009-05-30 17:24:44.000000000 +0000 @@ -79,7 +79,7 @@ { unsigned i; - if (m) fprintf(out, m); + if (m) fprintf(out, "%s", m); for (i = 0; i < data->len; i++) { if (i < data->len - 1) { @@ -136,10 +136,10 @@ { int rv; - fprintf(out, m); + fprintf(out, "%s", m); rv = sv_PrintTime(out, &v->notBefore, "notBefore="); if (rv) return rv; - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintTime(out, &v->notAfter, "notAfter="); return rv; } @@ -181,7 +181,7 @@ int i; char om[100]; - fprintf(out, m); + fprintf(out, "%s", m); /* * XXX Make this smarter; look at the type field and then decode @@ -278,16 +278,16 @@ SEC_PKCS7Attribute *attr; int iv; - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &(info->version), "version="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintName(out, &(info->issuerAndSN->issuer), "issuerName="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &(info->issuerAndSN->serialNumber), "serialNumber="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAlgorithmID(out, &(info->digestAlg), "digestAlgorithm="); if (info->authAttr != NULL) { @@ -304,9 +304,9 @@ } /* Parse and display signature */ - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAlgorithmID(out, &(info->digestEncAlg), "digestEncryptionAlgorithm="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAsHex(out, &(info->encDigest), "encryptedDigest="); if (info->unAuthAttr != NULL) { @@ -326,22 +326,22 @@ void sv_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m) { - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.rsa.modulus, "modulus="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.rsa.publicExponent, "exponent="); } void sv_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m) { - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.dsa.params.prime, "prime="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.dsa.params.subPrime, "subprime="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.dsa.params.base, "base="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintInteger(out, &pk->u.dsa.publicValue, "publicValue="); } @@ -432,7 +432,7 @@ oidTag = SECOID_FindOIDTag (&((*extensions)->id)); - fprintf(out, msg); + fprintf(out, "%s", msg); tmpitem = &((*extensions)->value); if (oidTag == SEC_OID_X509_INVALID_DATE) sv_PrintInvalidDateExten (out, tmpitem,"invalidExt"); @@ -458,13 +458,13 @@ int iv; char om[100]; - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAlgorithmID(out, &(crl->signatureAlg), "signatureAlgorithm="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintName(out, &(crl->name), "name="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintTime(out, &(crl->lastUpdate), "lastUpdate="); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintTime(out, &(crl->nextUpdate), "nextUpdate="); if (crl->entries != NULL) { @@ -563,10 +563,10 @@ } m[PORT_Strlen(m) - 5] = 0; - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAlgorithmID(out, &sd->signatureAlgorithm, "signatureAlgorithm="); DER_ConvertBitString(&sd->signature); - fprintf(out, m); + fprintf(out, "%s", m); sv_PrintAsHex(out, &sd->signature, "signature="); PORT_FreeArena(arena, PR_FALSE); @@ -632,11 +632,11 @@ iv = 0; while ((aCrl = src->crls[iv]) != NULL) { sprintf(om, "signedRevocationList[%d].", iv); - fprintf(out, om); + fprintf("%s", out, om); sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, "signatureAlgorithm="); DER_ConvertBitString(&aCrl->signatureWrap.signature); - fprintf(out, om); + fprintf("%s", out, om); sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "signature="); sprintf(om, "certificateRevocationList[%d].", iv); sv_PrintCRLInfo(out, &aCrl->crl, om);