authorkris <kris@FreeBSD.org>2000-08-13 05:23:23 +0000
committerkris <kris@FreeBSD.org>2000-08-13 05:23:23 +0000
commite5f617598c2db0dd51906a38ecea9208123a8b70 (patch)
treeb33e7d4eb24152fb855b36716c3a0f4d1a7d417f /crypto
parent5ed96cd5daa48af752db4781418f32f9258cce94 (diff)
Fix setproctitle() and syslog() vulnerabilities.
Diffstat (limited to 'crypto')
-rw-r--r--crypto/heimdal/appl/ftp/ftpd/ftpd.c6
-rw-r--r--crypto/heimdal/appl/kauth/kauthd.c8
-rw-r--r--crypto/heimdal/appl/rsh/rshd.c2
3 files changed, 8 insertions, 8 deletions
diff --git a/crypto/heimdal/appl/ftp/ftpd/ftpd.c b/crypto/heimdal/appl/ftp/ftpd/ftpd.c
index 8c5ddf3..21b3e44 100644
--- a/crypto/heimdal/appl/ftp/ftpd/ftpd.c
+++ b/crypto/heimdal/appl/ftp/ftpd/ftpd.c
@@ -775,7 +775,7 @@ int do_login(int code, char *passwd)
"%s: anonymous/%s",
remotehost,
passwd);
- setproctitle(proctitle);
+ setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {
char data_addr[256];
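Review bot: Nothing at this call says why the `"%s"` is required, so a later cleanup could fold it back into `setproctitle(proctitle)`. proctitle is built from remotehost and the anonymous password, which appears to come from the client, so I would add above the call `/* proctitle holds client-supplied text; pass it as an argument, never as the format */`. The same comment fits the other two setproctitle() calls changed in this file, in the second do_login hunk and in dolog. Building with `-Wformat -Wformat-security` would also flag any remaining non-literal format calls. The snprintf() that fills proctitle starts above this hunk.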
@@ -795,7 +795,7 @@ int do_login(int code, char *passwd)
reply(code, "User %s logged in.", pw->pw_name);
#ifdef HAVE_SETPROCTITLE
snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
- setproctitle(proctitle);
+ setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {
char data_addr[256];
@@ -1769,7 +1769,7 @@ dolog(struct sockaddr *sa, int len)
NULL, 0, 0);
#ifdef HAVE_SETPROCTITLE
snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
- setproctitle(proctitle);
+ setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {
diff --git a/crypto/heimdal/appl/kauth/kauthd.c b/crypto/heimdal/appl/kauth/kauthd.c
index 520730a..fe0ceb2 100644
--- a/crypto/heimdal/appl/kauth/kauthd.c
+++ b/crypto/heimdal/appl/kauth/kauthd.c
@@ -130,7 +130,7 @@ doit(int sock)
if( kuserok(&auth, locuser) != 0) {
snprintf(buf, sizeof(buf), "%s cannot get tickets for %s",
locuser, krb_unparse_name(&princ));
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
@@ -138,7 +138,7 @@ doit(int sock)
passwd = k_getpwnam (locuser);
if (passwd == NULL) {
snprintf (buf, sizeof(buf), "No user '%s'", locuser);
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
@@ -147,7 +147,7 @@ doit(int sock)
initgroups(passwd->pw_name, passwd->pw_gid) ||
setuid(passwd->pw_uid)) {
snprintf (buf, sizeof(buf), "Could not change user");
- syslog (LOG_ERR, buf);
+ syslog (LOG_ERR, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
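Review bot: The privilege-drop failure here is logged only as "Could not change user", with neither the target account nor the reason, which makes the event hard to triage from the log. Since syslog() expands `%m`, I would log before the snprintf() so errno is still intact, `syslog (LOG_ERR, "Could not change user to %s: %m", passwd->pw_name);`, and keep the generic text in buf for the reply sent to the client. The condition being tested begins above this hunk, so it may include calls that are not visible here.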
@@ -189,7 +189,7 @@ doit(int sock)
return 0;
} else {
snprintf (buf, sizeof(buf), "TGT failed: %s", krb_get_err_text(status));
- syslog (LOG_NOTICE, buf);
+ syslog (LOG_NOTICE, "%s", buf);
write_encrypted (sock, buf, strlen(buf), schedule,
&auth.session, &thisaddr, &thataddr);
return 1;
diff --git a/crypto/heimdal/appl/rsh/rshd.c b/crypto/heimdal/appl/rsh/rshd.c
index d018856..9bbdf11 100644
--- a/crypto/heimdal/appl/rsh/rshd.c
+++ b/crypto/heimdal/appl/rsh/rshd.c
@@ -85,7 +85,7 @@ fatal (int sock, const char *m, ...)
va_start(args, m);
len = vsnprintf (buf + 1, sizeof(buf) - 1, m, args);
va_end(args);
- syslog (LOG_ERR, buf + 1);
+ syslog (LOG_ERR, "%s", buf + 1);
net_write (sock, buf, len + 1);
exit (1);
}
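Review bot: `len` from vsnprintf() is used unchecked as the byte count in `net_write (sock, buf, len + 1)`. With a C99-conforming vsnprintf a truncated message returns the untruncated length, so the write could read past the end of buf, and a negative return is not handled either. Clamp it before the write, e.g. `if (len < 0) len = 0;` followed by `if ((size_t)len > sizeof(buf) - 2) len = sizeof(buf) - 2;`. buf's declaration is above the hunk, so this assumes it is a fixed-size array. Declaring fatal() with `__attribute__((format(printf, 2, 3)))` would additionally let the compiler check the format arguments of its callers.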