summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/appl/kauth
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2000-08-13 05:23:23 +0000
committerkris <kris@FreeBSD.org>2000-08-13 05:23:23 +0000
commite5f617598c2db0dd51906a38ecea9208123a8b70 (patch)
treeb33e7d4eb24152fb855b36716c3a0f4d1a7d417f /crypto/heimdal/appl/kauth
parent5ed96cd5daa48af752db4781418f32f9258cce94 (diff)
downloadFreeBSD-src-e5f617598c2db0dd51906a38ecea9208123a8b70.zip
FreeBSD-src-e5f617598c2db0dd51906a38ecea9208123a8b70.tar.gz
Fix setproctitle() and syslog() vulnerabilities.
Diffstat (limited to 'crypto/heimdal/appl/kauth')
-rw-r--r--crypto/heimdal/appl/kauth/kauthd.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/crypto/heimdal/appl/kauth/kauthd.c b/crypto/heimdal/appl/kauth/kauthd.c
index 520730a..fe0ceb2 100644
--- a/crypto/heimdal/appl/kauth/kauthd.c
+++ b/crypto/heimdal/appl/kauth/kauthd.c
@@ -130,7 +130,7 @@ doit(int sock)
if( kuserok(&auth, locuser) != 0) {
snprintf(buf, sizeof(buf), "%s cannot get tickets for %s",
locuser, krb_unparse_name(&princ));
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
@@ -138,7 +138,7 @@ doit(int sock)
passwd = k_getpwnam (locuser);
if (passwd == NULL) {
snprintf (buf, sizeof(buf), "No user '%s'", locuser);
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
@@ -147,7 +147,7 @@ doit(int sock)
initgroups(passwd->pw_name, passwd->pw_gid) ||
setuid(passwd->pw_uid)) {
snprintf (buf, sizeof(buf), "Could not change user");
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
@@ -189,7 +189,7 @@ doit(int sock)
return 0;
} else {
snprintf (buf, sizeof(buf), "TGT failed: %s", krb_get_err_text(status));
- syslog (LOG_NOTICE, buf);
+ syslog (LOG_NOTICE, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
OpenPOWER on IntegriCloud