FreeBSD Bugzilla – Attachment 22642 Details for Bug 39230: warn against format string attacks in the printf man page
[patch] printf.diff
printf.diff (text/plain), 1.01 KB, created by Martin Faxer on 2002-06-13 15:30:05 UTC
Description: printf.diff
Flags: patch, obsolete
>Index: printf.3 >=================================================================== >RCS file: /home/ncvs/src/lib/libc/stdio/printf.3,v >retrieving revision 1.38 >diff -u -r1.38 printf.3 >--- printf.3 9 Jan 2002 14:01:22 -0000 1.38 >+++ printf.3 13 Jun 2002 13:59:56 -0000 >@@ -690,12 +690,23 @@ > .Ed > .Sh SECURITY CONSIDERATIONS > The >+.Nm >+family of functions take a >+.Ar format >+argument which is not to be left out, even if you are intending to >+only print a single string. >+Failure to include the >+.Ar format >+argument may lead to malicious users providing a specially >+crafted format string to take control of the program. >+.Pp >+The > .Fn sprintf > and > .Fn vsprintf >-functions are easily misused in a manner which enables malicious users >-to arbitrarily change a running program's functionality through >-a buffer overflow attack. >+functions lack bounds checking and are easily misused in a manner >+which enables malicious users to arbitrarily change a running >+program's functionality through a buffer overflow attack. > (See > the FSA > and
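Review bot: The new paragraph frames the hazard as the format argument being "left out", but a C caller cannot omit that argument; the actual risk in this hunk's subject is passing a string an attacker can influence as the format itself (printf(s) rather than printf("%s", s)), so the text should say that the format must be a constant string under the program's control and that a single variable string is printed through a "%s" conversion. Two wording points in the same lines: "family of functions take a" should read "takes a" (the subject is "family"), and "which is not to be left out, even if you are intending to only print a single string" would be clearer as "which must always be supplied by the program, even when only a single string is to be printed". The revised sprintf/vsprintf sentence ("functions lack bounds checking") is a good addition; naming the bounded alternative (snprintf) in the same sentence would give the reader a direct replacement rather than only a warning.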