FreeBSD Bugzilla – Attachment 13914 Details for Bug 26286
*printf(3) etc should gain format string warnings
[patch] file.diff (text/plain), 5.52 KB, created by Mike Bristow on 2001-04-02 10:50:00 UTC
Flags: patch, obsolete
>Index: share/man/man3/stdarg.3 >=================================================================== >RCS file: /upstream-repositories/freebsd.org/src/share/man/man3/stdarg.3,v >retrieving revision 1.4.2.2 >diff -u -r1.4.2.2 stdarg.3 >--- share/man/man3/stdarg.3 2001/03/06 19:08:09 1.4.2.2 >+++ share/man/man3/stdarg.3 2001/03/29 15:48:07 >@@ -120,7 +120,7 @@ > .Fa type > is not compatible with the type of the actual next argument > (as promoted according to the default argument promotions), >-random errors will occur. >+random errors will occur, which might lead to a security risk. > .Pp > The first use of the > .Fn va_arg >Index: lib/libc/gen/err.3 >=================================================================== >RCS file: /upstream-repositories/freebsd.org/src/lib/libc/gen/err.3,v >retrieving revision 1.11.2.4 >diff -u -r1.11.2.4 err.3 >--- lib/libc/gen/err.3 2001/03/05 08:42:22 1.11.2.4 >+++ lib/libc/gen/err.3 2001/03/29 15:48:07 >@@ -97,9 +97,16 @@ > and a space are output. > If the > .Fa fmt >-argument is not NULL, the >-.Xr printf 3 >--like formatted error message is output. >+argument is not NULL, then further output is controlled by treating >+it as a format string that specifies how subsequent arguments (or >+arguments accessed via the variable-length argument facilities of >+.Xr stdarg 3 ) >+are converted for output, in the same way as >+.Xr printf 3 . >+If the format string specifies an argument that does not exist, or >+a type different from that actually given, random errors, that >+could cause a security risk, may occur. >+.Pp > The output is terminated by a newline character. > .Pp > The >Index: lib/libc/gen/setproctitle.3 >=================================================================== >RCS file: /upstream-repositories/freebsd.org/src/lib/libc/gen/setproctitle.3,v >retrieving revision 1.16.2.2 >diff -u -r1.16.2.2 setproctitle.3 >--- lib/libc/gen/setproctitle.3 2000/12/08 13:49:24 1.16.2.2 >+++ lib/libc/gen/setproctitle.3 2001/03/29 15:48:07 
>@@ -39,13 +39,17 @@ > .Xr ps 1 > command. > .Pp >-The title is set from the executable's name, followed by the >-result of a >-.Xr printf 3 >-style expansion of the arguments as specified by the >+If >+.Va fmt >+is not NULL, then the title is set from the executable's name, >+followed by the result of treating > .Va fmt >-argument. >-If the >+as a format string that specifies how subsequent arguments are >+converted, in the same was as >+.Xr printf 3 . >+If the format string specifies arguments that do not exist, or it >+specifies a type different from that actually given, random errors, >+that could cause a security risk, may occur. If the > .Va fmt > argument begins with a > .Dq - >Index: lib/libc/gen/syslog.3 >=================================================================== >RCS file: /upstream-repositories/freebsd.org/src/lib/libc/gen/syslog.3,v >retrieving revision 1.9.2.4 >diff -u -r1.9.2.4 syslog.3 >--- lib/libc/gen/syslog.3 2001/03/06 16:45:55 1.9.2.4 >+++ lib/libc/gen/syslog.3 2001/03/29 15:48:07 >@@ -48,9 +48,9 @@ > .Fd #include <syslog.h> > .Fd #include <varargs.h> > .Ft void >-.Fn syslog "int priority" "const char *message" "..." >+.Fn syslog "int priority" "const char *fmt" "..." > .Ft void >-.Fn vsyslog "int priority" "const char *message" "va_list args" >+.Fn vsyslog "int priority" "const char *fmt" "va_list args" > .Ft void > .Fn openlog "const char *ident" "int logopt" "int facility" > .Ft void 
>@@ -60,33 +60,34 @@ > .Sh DESCRIPTION > The > .Fn syslog >-function >-writes >-.Fa message >-to the system message logger. >+function writes a message to the system message logger. > The message is then written to the system console, log files, > logged-in users, or forwarded to other machines as appropriate. > (See > .Xr syslogd 8 . ) > .Pp >-The message is identical to a >-.Xr printf 3 >-format string, except that >+The message is created by treating >+.Va fmt >+as a format string that specifies how subsequent arguments are >+converted, in the same was as >+.Xr printf 3 , >+with an additional convertion specifier of > .Ql %m >-is replaced by the current error >-message. >-(As denoted by the global variable >+which is replaced by the current error message. (As denoted by >+the global variable > .Va errno ; > see > .Xr strerror 3 . ) >-A trailing newline is added if none is present. >+If the format string specifies arguments that do not exist, or it >+specifies a type different from that actually given, random errors, >+that could cause a security risk, may occur. A trailing newline >+is added if none is present. > .Pp > The > .Fn vsyslog >-function >-is an alternate form in which the arguments have already been captured >-using the variable-length argument facilities of >-.Xr varargs 3 . >+function is an alternate form in which the arguments have already >+been captured using the variable-length argument facilities of >+.Xr stdarg 3 . > .Pp > The message is tagged with > .Fa priority . >Index: lib/libc/stdio/printf.3 >=================================================================== >RCS file: /upstream-repositories/freebsd.org/src/lib/libc/stdio/printf.3,v >retrieving revision 1.17.2.5 >diff -u -r1.17.2.5 printf.3 >--- lib/libc/stdio/printf.3 2001/03/06 16:46:01 1.17.2.5 >+++ lib/libc/stdio/printf.3 2001/03/29 15:48:07 
>@@ -170,7 +170,11 @@ > the character > .Cm % . > The arguments must correspond properly (after type promotion) >-with the conversion specifier. >+with the conversion specifier. If they do not random errors, >+which could cause a security risk, may occur. In particular, >+user-supplied data should never be included in the format string >+without checking that it is safe (eg, does not contain %s >+and other character sequences with special meaning). > After the > .Cm % , > the following appear in sequence:
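Review bot: the clause added to stdarg.3, `random errors will occur, which might lead to a security risk.`, says nothing about why a mismatch is risky. Suggest stating that using a `.Fa type` that does not match the actual argument is undefined behaviour (the wrong argument, or no argument at all, may be read), which is what makes the security note belong here rather than leaving it as an unexplained aside.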
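Review bot: in the err.3 hunk, `random errors, that could cause a security risk, may occur.` puts commas around a restrictive clause; suggest `random errors that could cause a security risk may occur.` (the same sentence recurs in the setproctitle.3 and syslog.3 hunks and should be fixed the same way). The new `.Pp` inserted before `The output is terminated by a newline character.` splits what was one paragraph describing the same output; confirm that the paragraph break is intended.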
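Review bot: typo in the setproctitle.3 hunk, `in the same was as` should be `in the same way as`. Also `may occur. If the` starts a new sentence mid-line; mdoc expects each sentence to begin on its own line so that roff inter-sentence spacing is correct, so break the line after `may occur.` and keep `If the` on the following line as it was before the change.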
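Review bot: renaming `message` to `fmt` in the `.Fn syslog` and `.Fn vsyslog` prototypes is only complete if every remaining reference to `.Fa message` on the page is renamed as well; the next hunk removes the one in DESCRIPTION, but the rest of syslog.3 outside these hunks should be checked for leftovers. Because the prototype declares `fmt` as a function argument, later mentions should use `.Fa fmt`, matching `.Fa priority`, rather than `.Va fmt`.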
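Review bot: two typos in the syslog.3 DESCRIPTION hunk, `in the same was as` (should be `way`) and `convertion specifier` (should be `conversion`). `.Va fmt` should be `.Fa fmt`, since the same hunk uses `.Fa priority` for the other argument. `which is replaced by the current error message. (As denoted by` begins a new sentence mid-line; mdoc convention is one sentence per line. The change from `.Xr varargs 3` to `.Xr stdarg 3` is right for `vsyslog`'s `va_list`, but the SYNOPSIS context in the preceding hunk still shows `.Fd #include <varargs.h>`; check whether that include line should be updated in the same spirit.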
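Review bot: in the printf.3 hunk, `If they do not random errors, which could cause a security risk, may occur.` needs a comma after `do not`, `eg,` should be `e.g.,`, and each new sentence should start on its own line per mdoc convention. More importantly, `user-supplied data should never be included in the format string without checking that it is safe` steers callers toward filtering the format string, which is the weaker fix; since the paragraph's own point is that arguments must correspond with the conversion specifiers, suggest recommending that user-supplied data be passed as an argument to a conversion such as `%s` with a constant format string, and never placed in the format string at all.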