1Index: scsirastools-1.6.6/src/sgcommon.c 2=================================================================== 3--- scsirastools-1.6.6.orig/src/sgcommon.c 4+++ scsirastools-1.6.6/src/sgcommon.c 5@@ -304,8 +304,8 @@ void showit(char *buf) 6 fdlog = stderr; 7 } 8 } 9- if (flogopen) fprintf(fdlog, buf); /*write to log */ 10- fprintf(fdmsg, buf); /*defaults to stdout */ 11+ if (flogopen) fprintf(fdlog, "%s", buf); /*write to log */ 12+ fprintf(fdmsg, "%s", buf); /*defaults to stdout */ 13 } 14 15 void showlog(const char * format, ...) 16Index: scsirastools-1.6.6/src/sgdefects.c 17=================================================================== 18--- scsirastools-1.6.6.orig/src/sgdefects.c 19+++ scsirastools-1.6.6/src/sgdefects.c 20@@ -226,7 +226,7 @@ int main(int argc, char **argv) 21 (" ******************************************\n"); 22 if (flogopen) 23 printf("Log file %s is open\n", logfile); 24- printf(HeaderStr); 25+ printf("%s", HeaderStr); 26 /* get SCSI Device Info */ 27 idev = 0; 28 flags = O_RDWR; /* could use OPEN_FLAG if read-only. */ 29Index: scsirastools-1.6.6/src/sgdiag.c 30=================================================================== 31--- scsirastools-1.6.6.orig/src/sgdiag.c 32+++ scsirastools-1.6.6/src/sgdiag.c 33@@ -250,7 +250,7 @@ int main(int argc, char **argv) 34 printf(" ******************************************\n"); 35 if (flogopen) 36 printf("Log file %s is open, debug=%d\n", logfile,fdebug); 37- printf(HeaderStr); 38+ printf("%s", HeaderStr); 39 } 40 /* get SCSI Device Info */ 41 idev = 0; 42@@ -356,12 +356,12 @@ int main(int argc, char **argv) 43 case 'F': 44 case 'f': 45 func = 'f'; 46- printf(erase_msg); 47+ printf("%s", erase_msg); 48 break; 49 case 'W': 50 case 'w': 51 func = 'w'; 52- printf(erase_msg); 53+ printf("%s", erase_msg); 54 break; 55 case 'S': 56 case 's': 57Index: scsirastools-1.6.6/src/sgdiskmon.c 58=================================================================== 59--- scsirastools-1.6.6.orig/src/sgdiskmon.c 60+++ scsirastools-1.6.6/src/sgdiskmon.c 61@@ -197,9 +197,9 @@ void showit(char *buf) 62 } 63 } 64 if (flogopen) 65- fprintf(fdlog, buf); /*write to log */ 66+ fprintf(fdlog, "%s", buf); /*write to log */ 67 if (!background) 68- fprintf(fdmsg, buf); /*message display defaults to stdout */ 69+ fprintf(fdmsg, "%s", buf); /*message display defaults to stdout */ 70 } 71 72 /* 73@@ -235,7 +235,7 @@ rem_scsi_dev(int bus, int ch, int id, in 74 fp = fopen("/proc/scsi/scsi","r+"); 75 if (fp == NULL) return(errno); 76 sprintf(cmd,"remove-single-device %d %d %d %d",bus,ch,id,lun); 77- n = fprintf(fp,cmd); 78+ n = fprintf(fp,"%s", cmd); 79 fclose(fp); 80 strcat(cmd,"\n"); 81 showit(cmd); 82@@ -256,7 +256,7 @@ add_scsi_dev(int bus, int ch, int id, in 83 fp = fopen("/proc/scsi/scsi","r+"); 84 if (fp == NULL) return(errno); 85 sprintf(cmd,"add-single-device %d %d %d %d",bus,ch,id,lun); 86- n = fprintf(fp,cmd); 87+ n = fprintf(fp, "%s", cmd); 88 fclose(fp); 89 strcat(cmd,"\n"); 90 showit(cmd); 91@@ -1233,7 +1233,7 @@ main(int argc, char **argv) 92 interval = atoi(optarg); 93 break; 94 default: 95- printf(output2); /*prog header*/ 96+ printf("%s", output2); /*prog header*/ 97 printf("Usage: %s [-bemnrx -t time]\n",progname); 98 printf(" -b Run in Background as a daemon\n"); 99 printf(" -e Do not write to any files.\n"); 100@@ -1246,7 +1246,7 @@ main(int argc, char **argv) 101 exit(1); 102 } 103 } 104- if (!background) printf(output2); /*prog header*/ 105+ if (!background) printf("%s", output2); /*prog header*/ 106 107 /* only run this as superuser */ 108 i = geteuid(); 109Index: scsirastools-1.6.6/src/sgmode.c 110=================================================================== 111--- scsirastools-1.6.6.orig/src/sgmode.c 112+++ scsirastools-1.6.6/src/sgmode.c 113@@ -303,7 +303,7 @@ int main(int argc, char **argv) 114 (" ******************************************\n"); 115 if (flogopen) 116 printf("Log file %s is open\n", logfile); 117- printf(HeaderStr); 118+ printf("%s", HeaderStr); 119 /* get SCSI Device Info */ 120 idev = 0; 121 flags = O_RDWR; /* could use OPEN_FLAG if read-only. */ 122@@ -585,8 +585,8 @@ int do_modeselect(int idx) 123 if (!foverwrite) { 124 /* use existing capacity from mode sense */ 125 memcpy(sel_buffer + 4, out_buffer + 4, 8); 126- sprintf(scratch, "Using existing capacity instead\n"); 127- printf(scratch); 128+ sprintf(scratch, "%s", "Using existing capacity instead\n"); 129+ printf("%s",scratch); 130 showlog( scratch); 131 } else { /* foverwrite==1, changing something */ 132 /* usually only change num blks, if change blk size, flag it. */ 133Index: scsirastools-1.6.6/src/sgraidmon.c 134=================================================================== 135--- scsirastools-1.6.6.orig/src/sgraidmon.c 136+++ scsirastools-1.6.6/src/sgraidmon.c 137@@ -269,9 +269,9 @@ void showit(char *buf) 138 } 139 } 140 if (flogopen) 141- fprintf(fdlog, buf); /*write to log */ 142+ fprintf(fdlog, "%s", buf); /*write to log */ 143 if (!background) 144- fprintf(fdmsg, buf); /*message display defaults to stdout */ 145+ fprintf(fdmsg, "%s", buf); /*message display defaults to stdout */ 146 } 147 148 /* 149@@ -563,7 +563,7 @@ add_scsi_dev(int bus, int ch, int id, in 150 fp = fopen("/proc/scsi/scsi","r+"); 151 if (fp == NULL) return(errno); 152 sprintf(cmd,"add-single-device %d %d %d %d",bus,ch,id,lun); 153- fprintf(fp,cmd); 154+ fprintf(fp, "%s", cmd); 155 fclose(fp); 156 strcat(cmd,"\n"); 157 showit(cmd); 158@@ -1585,7 +1585,7 @@ main(int argc, char **argv) 159 interval = atoi(optarg); 160 break; 161 default: 162- printf(output2); /*prog header*/ 163+ printf("%s", output2); /*prog header*/ 164 printf("Usage: %s [-bemnrx -t time]\n",progname); 165 printf(" -b Run in Background as a daemon\n"); 166 printf(" -e Do not write to any files.\n"); 167@@ -1598,7 +1598,7 @@ main(int argc, char **argv) 168 exit(1); 169 } 170 } 171- if (!background) printf(output2); /*prog header*/ 172+ if (!background) printf("%s", output2); /*prog header*/ 173 174 /* only run this as superuser */ 175 i = geteuid(); 176Index: scsirastools-1.6.6/src/sgsafte.c 177=================================================================== 178--- scsirastools-1.6.6.orig/src/sgsafte.c 179+++ scsirastools-1.6.6/src/sgsafte.c 180@@ -174,9 +174,9 @@ void showit(char *buf) 181 } 182 } 183 if (flogopen) 184- fprintf(fdlog, buf); /*write to log */ 185+ fprintf(fdlog, "%s", buf); /*write to log */ 186 if (!background) 187- fprintf(fdmsg, buf); /*message display defaults to stdout */ 188+ fprintf(fdmsg, "%s", buf); /*message display defaults to stdout */ 189 } 190 191 /* 192@@ -384,7 +384,7 @@ add_scsi_dev(int bus, int ch, int id, in 193 fp = fopen("/proc/scsi/scsi","r+"); 194 if (fp == NULL) return(errno); 195 sprintf(cmd,"add-single-device %d %d %d %d",bus,ch,id,lun); 196- fprintf(fp,cmd); 197+ fprintf(fp, "%s", cmd); 198 fclose(fp); 199 strcat(cmd,"\n"); 200 showit(cmd); 201@@ -1261,7 +1261,7 @@ main(int argc, char **argv) 202 do_numeric = 0; 203 break; 204 default: 205- printf(output2); /*prog header*/ 206+ printf("%s", output2); /*prog header*/ 207 printf("Usage: %s [-d num -rf -emnx]\n",progname); 208 printf(" -d drive number to set (0, 1, ...)\n"); 209 printf(" -r set SAF-TE status to ready\n"); 210@@ -1273,7 +1273,7 @@ main(int argc, char **argv) 211 exit(1); 212 } 213 } 214- if (!background) printf(output2); /*prog header*/ 215+ if (!background) printf("%s", output2); /*prog header*/ 216 217 if (setval != 0 && drivenum == -1) drivenum = 0; /*default to first drive*/ 218 219