summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsalo <salo>2007-02-17 22:48:16 +0000
committersalo <salo>2007-02-17 22:48:16 +0000
commitfcf780999100eb0497112e88af17d37f1ccf8680 (patch)
treeb092d4604b7520d13f22c3c05bb14e6e7a544ef0
parent02bc3782257b7fb635d22699f1614b0f346d9d91 (diff)
downloadpkgsrc-fcf780999100eb0497112e88af17d37f1ccf8680.tar.gz
Security fixes for CVE-2007-0254 (and more):
"A vulnerability has been reported in xine-ui, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a format string error within the "errors_create_window()" function in errors.c. This may be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted playlist file." Patch from SUSE. Bump PKGREVISION. XXX: The sources are a real mess. My condolences to everyone using it. And good luck, you'll need it!..
-rw-r--r--multimedia/xine-ui/Makefile4
-rw-r--r--multimedia/xine-ui/distinfo15
-rw-r--r--multimedia/xine-ui/patches/patch-ai123
-rw-r--r--multimedia/xine-ui/patches/patch-aq15
-rw-r--r--multimedia/xine-ui/patches/patch-au20
-rw-r--r--multimedia/xine-ui/patches/patch-av22
-rw-r--r--multimedia/xine-ui/patches/patch-aw40
-rw-r--r--multimedia/xine-ui/patches/patch-ax13
-rw-r--r--multimedia/xine-ui/patches/patch-ay13
-rw-r--r--multimedia/xine-ui/patches/patch-az22
-rw-r--r--multimedia/xine-ui/patches/patch-ba17
-rw-r--r--multimedia/xine-ui/patches/patch-bb31
-rw-r--r--multimedia/xine-ui/patches/patch-bc14
13 files changed, 338 insertions, 11 deletions
diff --git a/multimedia/xine-ui/Makefile b/multimedia/xine-ui/Makefile
index 9ff48f281d5..dc9b482a561 100644
--- a/multimedia/xine-ui/Makefile
+++ b/multimedia/xine-ui/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.33 2007/02/11 17:19:49 drochner Exp $
+# $NetBSD: Makefile,v 1.34 2007/02/17 22:48:16 salo Exp $
#
DISTNAME= xine-ui-0.99.4
-PKGREVISION= 7
+PKGREVISION= 8
CATEGORIES= multimedia
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=xine/}
diff --git a/multimedia/xine-ui/distinfo b/multimedia/xine-ui/distinfo
index ff81ef58e74..c53329701ea 100644
--- a/multimedia/xine-ui/distinfo
+++ b/multimedia/xine-ui/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2007/02/11 17:19:49 drochner Exp $
+$NetBSD: distinfo,v 1.14 2007/02/17 22:48:16 salo Exp $
SHA1 (xine-ui-0.99.4.tar.gz) = b982e5697f183559c216f9243b9410d61b9c58aa
RMD160 (xine-ui-0.99.4.tar.gz) = eeead5c6e566ade5505c8fcb924272c74eb4f49a
@@ -7,12 +7,21 @@ SHA1 (patch-aa) = 4221e235da0b2047d218a9123f82a40cce92e15b
SHA1 (patch-ae) = 1d5887168efd340f047dfdb9e135ce12c18e2d5f
SHA1 (patch-ag) = dddbea5257a5b21e3a7ba21207661f4a47a9fa7e
SHA1 (patch-ah) = 9d61282de803459e4b9c49814796dcc97658849d
-SHA1 (patch-ai) = 78228fa174cb0d455a9debec18125d9ee13d34dd
+SHA1 (patch-ai) = 68bd0bdb39ecacd993335707a8843fd696067633
SHA1 (patch-al) = d00f3ad348450e209d55ba69c1c053fce7d359b3
SHA1 (patch-am) = 57567b2c1f86ef575ff4abcbfaa5f06e3178a056
SHA1 (patch-ao) = 09e83615b88dffbdfeb0b0bad07dcdc60024ba67
SHA1 (patch-ap) = f4f360e5fc8008882f07c649b7ea29ef163c6731
-SHA1 (patch-aq) = 212d5c561422e5866cdc05cd39c609b1274aa8b6
+SHA1 (patch-aq) = 393f889a397c60a9cb1940f197e92efd12cb13bb
SHA1 (patch-ar) = 50c45ce7c272385100bc562b8d1d668c3d860df7
SHA1 (patch-as) = 96f680bcab84c7a832f0ea4ae2b6a5b687f79244
SHA1 (patch-at) = 4d11203d056c45474e24b4e840e031720d840d55
+SHA1 (patch-au) = 1ab308585b3c806931fc0dd60dd82794a46cc4a9
+SHA1 (patch-av) = 0d36d3f7603752e5bfe98215ced4a878d4ec2058
+SHA1 (patch-aw) = 2cbb4e5a17faa79fb8d6607e52a9fa9d965ac884
+SHA1 (patch-ax) = 5388a8cb6fa73bbc001e7b1ad2ed4d25dc2425a8
+SHA1 (patch-ay) = f7252e705e017957238c3be37fbe52aea698785b
+SHA1 (patch-az) = 696c9a25ac25ba7940d976399519caadc4932c4b
+SHA1 (patch-ba) = 02493f55c8c1330a1eae6c109b51a4f5cdbe12d1
+SHA1 (patch-bb) = ebbfcc327d3918b152205a7907fc7c4252b7e1c2
+SHA1 (patch-bc) = 584d14552fd0acaaf32e64a4fa8c2886b4b16b84
diff --git a/multimedia/xine-ui/patches/patch-ai b/multimedia/xine-ui/patches/patch-ai
index dd7f4e1f024..5ecf6aa276f 100644
--- a/multimedia/xine-ui/patches/patch-ai
+++ b/multimedia/xine-ui/patches/patch-ai
@@ -1,7 +1,7 @@
-$NetBSD: patch-ai,v 1.1 2004/05/12 16:42:49 drochner Exp $
+$NetBSD: patch-ai,v 1.2 2007/02/17 22:48:16 salo Exp $
---- src/xitk/xine-remote.c.orig 2004-05-11 23:39:22.000000000 +0200
-+++ src/xitk/xine-remote.c 2004-05-11 23:45:24.000000000 +0200
+--- src/xitk/xine-remote.c.orig 2005-07-16 21:05:32.000000000 +0200
++++ src/xitk/xine-remote.c 2007-02-17 22:24:26.000000000 +0100
@@ -30,6 +30,7 @@
#endif
/* required for strncasecmp() */
@@ -30,3 +30,120 @@ $NetBSD: patch-ai,v 1.1 2004/05/12 16:42:49 drochner Exp $
#include "common.h"
+@@ -638,7 +639,7 @@ static int write_to_console(session_t *s
+ va_end(args);
+
+ pthread_mutex_lock(&session->console_mutex);
+- err = write_to_console_unlocked(session, buf);
++ err = write_to_console_unlocked(session, "%s", buf);
+ pthread_mutex_unlock(&session->console_mutex);
+
+ return err;
+@@ -998,7 +999,7 @@ static void *select_thread(void *data) {
+ write_to_console_unlocked_nocr(session, "\b \b");
+ pos--;
+ }
+- write_to_console_unlocked(session, obuffer);
++ write_to_console_unlocked(session, "%s", obuffer);
+
+ rl_crlf();
+ rl_forced_update_display();
+@@ -1082,7 +1083,7 @@ static void client_handle_command(sessio
+
+ *pp = '\0';
+
+- if((sock_write(session->socket, buf)) == -1) {
++ if((sock_write(session->socket, "%s", buf)) == -1) {
+ session->running = 0;
+ }
+ }
+@@ -1094,7 +1095,7 @@ static void client_handle_command(sessio
+
+ /* Perhaps a ';' separated commands, so send anyway to server */
+ if(found == 0) {
+- sock_write(session->socket, (char *)command);
++ sock_write(session->socket, "%s", (char *)command);
+ }
+
+ if((!strncasecmp(cmd, "exit", strlen(cmd))) || (!strncasecmp(cmd, "halt", strlen(cmd)))) {
+@@ -1714,7 +1715,7 @@ static void do_commands(commands_t *cmd,
+ i++;
+ }
+ sprintf(buf, "%s.\n", buf);
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+
+ static void do_help(commands_t *cmd, client_info_t *client_info) {
+@@ -1760,7 +1761,7 @@ static void do_help(commands_t *cmd, cli
+ }
+
+ sprintf(buf, "%s\n", buf);
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ else {
+ int i;
+@@ -2096,7 +2097,7 @@ static void do_get(commands_t *cmd, clie
+ sprintf(buf, "%s%s", buf, "*UNKNOWN*");
+
+ sprintf(buf, "%s%c", buf, '\n');
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ else if(is_arg_contain(client_info, 1, "speed")) {
+ char buf[64];
+@@ -2116,7 +2117,7 @@ static void do_get(commands_t *cmd, clie
+ sprintf(buf, "%s%s", buf, "*UNKNOWN*");
+
+ sprintf(buf, "%s%c", buf, '\n');
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ else if(is_arg_contain(client_info, 1, "position")) {
+ char buf[64];
+@@ -2128,7 +2129,7 @@ static void do_get(commands_t *cmd, clie
+ &pos_time,
+ &length_time);
+ snprintf(buf, sizeof(buf), "%s: %d\n", "Current position", pos_time);
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ else if(is_arg_contain(client_info, 1, "length")) {
+ char buf[64];
+@@ -2140,7 +2141,7 @@ static void do_get(commands_t *cmd, clie
+ &pos_time,
+ &length_time);
+ snprintf(buf, sizeof(buf), "%s: %d\n", "Current length", length_time);
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ else if(is_arg_contain(client_info, 1, "loop")) {
+ char buf[64];
+@@ -2169,7 +2170,7 @@ static void do_get(commands_t *cmd, clie
+ }
+
+ sprintf(buf, "%s.\n", buf);
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+ }
+ }
+ else if(nargs >= 2) {
+@@ -2552,7 +2553,7 @@ static void do_halt(commands_t *cmd, cli
+ static void network_messenger(void *data, char *message) {
+ int socket = (int) data;
+
+- sock_write(socket, message);
++ sock_write(socket, "%s", message);
+ }
+
+ static void do_snap(commands_t *cmd, client_info_t *client_info) {
+@@ -2577,7 +2578,7 @@ static void say_hello(client_info_t *cli
+ else {
+ snprintf(buf, sizeof(buf), "%s %s %s\n", PACKAGE, VERSION, "remote server. Nice to meet you.");
+ }
+- sock_write(client_info->socket, buf);
++ sock_write(client_info->socket, "%s", buf);
+
+ }
+
diff --git a/multimedia/xine-ui/patches/patch-aq b/multimedia/xine-ui/patches/patch-aq
index 735ed737e98..46a576d8ce1 100644
--- a/multimedia/xine-ui/patches/patch-aq
+++ b/multimedia/xine-ui/patches/patch-aq
@@ -1,7 +1,7 @@
-$NetBSD: patch-aq,v 1.1 2006/04/21 11:11:26 drochner Exp $
+$NetBSD: patch-aq,v 1.2 2007/02/17 22:48:16 salo Exp $
---- src/xitk/main.c.orig 2006-04-20 11:59:48.000000000 +0200
-+++ src/xitk/main.c
+--- src/xitk/main.c.orig 2007-02-17 22:10:56.000000000 +0100
++++ src/xitk/main.c 2007-02-17 22:10:38.000000000 +0100
@@ -456,7 +456,7 @@ static void print_formatted(char *title,
int len;
char *blanks = " ";
@@ -29,3 +29,12 @@ $NetBSD: patch-aq,v 1.1 2006/04/21 11:11:26 drochner Exp $
printf(".\n\n");
}
+@@ -1249,7 +1249,7 @@ static void event_listener(void *user_da
+ snprintf(buffer, sizeof(buffer), "%s [%d%%]\n", pevent->description, pevent->percent);
+ gGui->mrl_overrided = 3;
+ panel_set_title(buffer);
+- osd_display_info(buffer);
++ osd_display_info("%s", buffer);
+ }
+ break;
+
diff --git a/multimedia/xine-ui/patches/patch-au b/multimedia/xine-ui/patches/patch-au
new file mode 100644
index 00000000000..f3c2d921551
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-au
@@ -0,0 +1,20 @@
+$NetBSD: patch-au,v 1.1 2007/02/17 22:48:16 salo Exp $
+
+--- src/fb/osd.c.orig 2003-12-01 18:23:27.000000000 +0100
++++ src/fb/osd.c 2007-02-17 21:56:02.000000000 +0100
+@@ -589,7 +589,7 @@ void osd_display_spu_lang(void) {
+ }
+
+ sprintf(buffer, "Subtitles: %s", lang);
+- osd_display_info(buffer);
++ osd_display_info("%s", buffer);
+ }
+
+ void osd_display_audio_lang(void) {
+@@ -618,5 +618,5 @@ void osd_display_audio_lang(void) {
+ }
+
+ sprintf(buffer, "Audio Channel: %s", lang);
+- osd_display_info(buffer);
++ osd_display_info("%s", buffer);
+ }
diff --git a/multimedia/xine-ui/patches/patch-av b/multimedia/xine-ui/patches/patch-av
new file mode 100644
index 00000000000..c45f9d37309
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-av
@@ -0,0 +1,22 @@
+$NetBSD: patch-av,v 1.1 2007/02/17 22:48:16 salo Exp $
+
+--- src/xitk/actions.c.orig 2005-07-24 04:40:36.000000000 +0200
++++ src/xitk/actions.c 2007-02-17 21:56:02.000000000 +0100
+@@ -398,7 +398,7 @@ int gui_xine_play(xine_stream_t *stream,
+
+
+ if(v_unhandled && a_unhandled) {
+- xine_error(buffer);
++ xine_error("%s", buffer);
+ return 0;
+ }
+
+@@ -416,7 +416,7 @@ int gui_xine_play(xine_stream_t *stream,
+ xw = xitk_window_dialog_yesno_with_width(gGui->imlib_data, _("Start Playback ?"),
+ start_anyway_yesno, start_anyway_yesno,
+ NULL, 400, ALIGN_CENTER,
+- buffer);
++ "%s", buffer);
+ XLockDisplay(gGui->display);
+ if(!gGui->use_root_window && gGui->video_display == gGui->display)
+ XSetTransientForHint(gGui->display, xitk_window_get_window(xw), gGui->video_window);
diff --git a/multimedia/xine-ui/patches/patch-aw b/multimedia/xine-ui/patches/patch-aw
new file mode 100644
index 00000000000..1c8935db45c
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-aw
@@ -0,0 +1,40 @@
+$NetBSD: patch-aw,v 1.1 2007/02/17 22:48:16 salo Exp $
+
+--- src/xitk/errors.c.orig 2005-02-07 19:16:28.000000000 +0100
++++ src/xitk/errors.c 2007-02-17 21:56:02.000000000 +0100
+@@ -68,7 +68,7 @@ static void errors_create_window(char *t
+ _("Done"), _("More..."),
+ NULL, _errors_display_log,
+ NULL, 400, ALIGN_CENTER,
+- message);
++ "%s", message);
+
+ xitk_window_set_parent_window(xw, gGui->video_window);
+
+@@ -125,7 +125,7 @@ void xine_error(char *message, ...) {
+ } else {
+ xitk_window_t *xw;
+
+- xw = xitk_window_dialog_error(gGui->imlib_data, buf2);
++ xw = xitk_window_dialog_error(gGui->imlib_data, "%s", buf2);
+
+ if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+ XLockDisplay(gGui->display);
+@@ -228,7 +228,7 @@ void xine_info(char *message, ...) {
+ } else {
+ xitk_window_t *xw;
+
+- xw = xitk_window_dialog_info(gGui->imlib_data, buf2);
++ xw = xitk_window_dialog_info(gGui->imlib_data, "%s", buf2);
+
+ if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+ XLockDisplay(gGui->display);
+@@ -354,7 +354,7 @@ void too_slow_window(void) {
+ _("Disable this warning."),
+ checked, _dont_show_too_slow_again,
+ NULL, 500, ALIGN_CENTER,
+- message);
++ "%s", message);
+ if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+ XLockDisplay(gGui->display);
+ XSetTransientForHint(gGui->display, xitk_window_get_window(xw), gGui->video_window);
diff --git a/multimedia/xine-ui/patches/patch-ax b/multimedia/xine-ui/patches/patch-ax
new file mode 100644
index 00000000000..6a776a364c8
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ax
@@ -0,0 +1,13 @@
+$NetBSD: patch-ax,v 1.1 2007/02/17 22:48:17 salo Exp $
+
+--- src/xitk/file_browser.c.orig 2005-05-29 12:43:40.000000000 +0200
++++ src/xitk/file_browser.c 2007-02-17 21:56:02.000000000 +0100
+@@ -1012,7 +1012,7 @@ static void fb_delete_file(xitk_widget_t
+ xitk_window_dialog_yesno(gGui->imlib_data, _("Confirm deletion ?"),
+ fb_delete_file_cb,
+ fb_delete_file_cb,
+- (void *)fb, ALIGN_DEFAULT, buf);
++ (void *)fb, ALIGN_DEFAULT, "%s", buf);
+ }
+ }
+
diff --git a/multimedia/xine-ui/patches/patch-ay b/multimedia/xine-ui/patches/patch-ay
new file mode 100644
index 00000000000..3d2a8e1cbd3
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ay
@@ -0,0 +1,13 @@
+$NetBSD: patch-ay,v 1.1 2007/02/17 22:48:17 salo Exp $
+
+--- src/xitk/kbindings.c.orig 2005-07-16 21:05:31.000000000 +0200
++++ src/xitk/kbindings.c 2007-02-17 21:56:02.000000000 +0100
+@@ -622,7 +622,7 @@ static void _kbindings_check_redundancy(
+ _("Reset"), _("Editor"), _("Cancel"),
+ _kbinding_reset_cb, _kbinding_editor_cb, NULL,
+ (void *) kbt, 450, ALIGN_CENTER,
+- kmsg);
++ "%s", kmsg);
+ free(kmsg);
+ XLockDisplay(gGui->display);
+ if(!gGui->use_root_window && gGui->video_display == gGui->display)
diff --git a/multimedia/xine-ui/patches/patch-az b/multimedia/xine-ui/patches/patch-az
new file mode 100644
index 00000000000..7d7b1068d7c
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-az
@@ -0,0 +1,22 @@
+$NetBSD: patch-az,v 1.1 2007/02/17 22:48:17 salo Exp $
+
+--- src/xitk/osd.c.orig 2005-07-16 21:05:32.000000000 +0200
++++ src/xitk/osd.c 2007-02-17 21:56:02.000000000 +0100
+@@ -698,7 +698,7 @@ void osd_display_spu_lang(void) {
+ }
+
+ snprintf(buffer, sizeof(buffer), "%s%s", _("Subtitles: "), get_language_from_iso639_1(lang));
+- osd_display_info(buffer);
++ osd_display_info("%s", buffer);
+ }
+
+ void osd_display_audio_lang(void) {
+@@ -727,7 +727,7 @@ void osd_display_audio_lang(void) {
+ }
+
+ snprintf(buffer, sizeof(buffer), "%s%s", _("Audio Channel: "), get_language_from_iso639_1(lang));
+- osd_display_info(buffer);
++ osd_display_info("%s", buffer);
+ }
+
+ int osd_is_visible(void) {
diff --git a/multimedia/xine-ui/patches/patch-ba b/multimedia/xine-ui/patches/patch-ba
new file mode 100644
index 00000000000..e5b7b8839f3
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ba
@@ -0,0 +1,17 @@
+$NetBSD: patch-ba,v 1.1 2007/02/17 22:48:18 salo Exp $
+
+--- src/xitk/panel.c.orig 2005-07-24 04:40:37.000000000 +0200
++++ src/xitk/panel.c 2007-02-17 21:56:02.000000000 +0100
+@@ -845,10 +845,10 @@ void panel_toggle_audio_mute(xitk_widget
+ * to snapshot current frame.
+ */
+ static void panel_snapshot_error(void *data, char *message) {
+- xine_error(message);
++ xine_error("%s", message);
+ }
+ static void panel_snapshot_info(void *data, char *message) {
+- xine_info(message);
++ xine_info("%s", message);
+ }
+ void panel_snapshot(xitk_widget_t *w, void *data) {
+ create_snapshot(gGui->mmk.mrl, panel_snapshot_error, panel_snapshot_info, NULL);
diff --git a/multimedia/xine-ui/patches/patch-bb b/multimedia/xine-ui/patches/patch-bb
new file mode 100644
index 00000000000..bf9db02dbb6
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-bb
@@ -0,0 +1,31 @@
+$NetBSD: patch-bb,v 1.1 2007/02/17 22:48:18 salo Exp $
+
+--- src/xitk/xine-toolkit/window.c.orig 2004-12-31 01:52:15.000000000 +0100
++++ src/xitk/xine-toolkit/window.c 2007-02-17 21:56:02.000000000 +0100
+@@ -1088,7 +1088,7 @@ xitk_window_t *xitk_window_dialog_ok_wit
+ char buf2[(strlen(buf) * 2) + 1];
+ xitk_subst_special_chars(buf, buf2);
+ xw = xitk_window_dialog_one_button_with_width(im, title, _("OK"), cb, userdata, window_width,
+- align, buf2);
++ align, "%s", buf2);
+ }
+ XITK_FREE(buf);
+ return xw;
+@@ -1337,7 +1337,7 @@ xitk_window_t *xitk_window_dialog_yesno_
+
+ xitk_subst_special_chars(buf, buf2);
+ xw = xitk_window_dialog_two_buttons_with_width(im, title, _("Yes"), _("No"),
+- ycb, ncb, userdata, window_width, align, buf2);
++ ycb, ncb, userdata, window_width, align, "%s", buf2);
+ }
+
+ XITK_FREE(buf);
+@@ -1559,7 +1559,7 @@ xitk_window_t *xitk_window_dialog_yesnoc
+
+ xitk_subst_special_chars(buf, buf2);
+ xw = xitk_window_dialog_three_buttons_with_width(im, title, _("Yes"), _("No"), _("Cancel"),
+- ycb, ncb, ccb, userdata, window_width, align, buf2);
++ ycb, ncb, ccb, userdata, window_width, align, "%s", buf2);
+ }
+ XITK_FREE(buf);
+ return xw;
diff --git a/multimedia/xine-ui/patches/patch-bc b/multimedia/xine-ui/patches/patch-bc
new file mode 100644
index 00000000000..15117f18db3
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-bc
@@ -0,0 +1,14 @@
+$NetBSD: patch-bc,v 1.1 2007/02/17 22:48:18 salo Exp $
+
+--- src/xitk/xine-toolkit/xitk.h.orig 2004-12-16 22:35:30.000000000 +0100
++++ src/xitk/xine-toolkit/xitk.h 2007-02-17 21:56:02.000000000 +0100
+@@ -2310,7 +2310,8 @@ xitk_window_t *xitk_window_dialog_checkb
+ char *checkbox_label, int checkbox_state,
+ xitk_state_callback_t cb3,
+ void *userdata,
+- int window_width, int align, char *message, ...);
++ int window_width, int align, char *message, ...)
++ __attribute__((__format__(__printf__, 13, 14)));
+
+ #ifdef __GNUC__
+ #define xitk_window_dialog_two_buttons_with_width(im, title, bl1, bl2, cb1, cb2, userdata, window_width, align, message, args...) \