From 84e48df8b349ab578b8a0a2683906933eb75b1ab Mon Sep 17 00:00:00 2001
From: johannes hanika <hanatos@gmail.com>
Date: Sat, 5 Oct 2024 13:35:58 +0200
Subject: [PATCH] sec: don't pass user string to format print directly

---
 src/gui/render_lighttable.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/gui/render_lighttable.c b/src/gui/render_lighttable.c
index 12bf0015..bc7f5e0e 100644
--- a/src/gui/render_lighttable.c
+++ b/src/gui/render_lighttable.c
@@ -748,6 +748,7 @@ void render_lighttable_right_panel()
               {
                 day[day_cnt][10] = 0;
                 strncpy(day[day_cnt], createdate, 10);
+                dt_sanitize_user_string(day[day_cnt]);
                 day_cnt++;
               }
             }