Fix for bug 985, secure calls to SendMessage.

git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@1916 5417fbe8-f217-4b02-8779-1006273d7864

2 files changed, 5 insertions, 6 deletions

diff --git a/src/messages.c b/src/messages.c
index 2857553a6..44c8a8d5c 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -123,8 +123,7 @@ int m_privmsg(const char *source, const char *receiver, const char *msg)
 		/* Two lookups naughty, however, this won't happen often. -- w00t */
 		if (findbot(receiver))
 		{
-			ircdproto->SendMessage(findbot(receiver), source,
-						 getstring(NULL, USER_RECORD_NOT_FOUND));
+			ircdproto->SendMessage(findbot(receiver), source, "%s", getstring(NULL, USER_RECORD_NOT_FOUND));
 		}
 		return MOD_CONT;
 	}
diff --git a/src/send.c b/src/send.c
index e2d0c24d6..a52fa27be 100644
--- a/src/send.c
+++ b/src/send.c
@@ -127,7 +127,7 @@ void notice_user(char *source, User * u, const char *fmt, ...)
 		va_start(args, fmt);
 		vsnprintf(buf, BUFSIZE - 1, fmt, args);
 
-		u->SendMessage(source, buf);
+		u->SendMessage(source, "%s", buf);
 
 		va_end(args);
 	}
@@ -151,7 +151,7 @@ void notice_list(char *source, char *dest, char **text)
 		 * with a single space.
 		 */
 		if (**text) {
-			u->SendMessage(source, *text);
+			u->SendMessage(source, "%s", *text);
 		} else {
 			u->SendMessage(source, " ");
 		}
@@ -193,7 +193,7 @@ void notice_lang(const char *source, User * dest, int message, ...)
 		if (*s)
 			*s++ = 0;
 
-	dest->SendMessage(source, *t ? t : " ");
+		dest->SendMessage(source, "%s", *t ? t : " ");
 	}
 	va_end(args);
 }
@@ -239,7 +239,7 @@ void notice_help(const char *source, User * dest, int message, ...)
 		strscpy(outbuf, t, sizeof(outbuf));
 		strnrepl(outbuf, sizeof(outbuf), "\1\1", source);
 
-	dest->SendMessage(source, *outbuf ? outbuf : " ");
+		dest->SendMessage(source, "%s", *outbuf ? outbuf : " ");
 	}
 	va_end(args);
 }