$OpenBSD: patch-dirstream_c,v 1.1 2010/12/27 20:34:30 jasper Exp $

Security fix for SA42726
PECL phar Extension Format String Vulnerabilities.

Patch from upstream svn:
http://svn.php.net/viewvc?view=revision&revision=306667

--- dirstream.c.orig	Mon Dec 27 21:31:06 2010
+++ dirstream.c	Mon Dec 27 21:32:03 2010
@@ -360,7 +360,7 @@ php_stream *phar_wrapper_open_dir(php_stream_wrapper *
 
 	if (FAILURE == phar_get_archive(&phar, resource->host, host_len, NULL, 0, &error TSRMLS_CC)) {
 		if (error) {
-			php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, error);
+			php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "%s", error);
 			efree(error);
 		} else {
 			php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "phar file \"%s\" is unknown", resource->host);
