Add new "SECURITY CONSIDERATIONS" sections.

Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
author: chris <chris@FreeBSD.org> 2002-01-06 21:16:41 +0000
committer: chris <chris@FreeBSD.org> 2002-01-06 21:16:41 +0000
commit: 37a6f9b2be16e693718342bb84a08b43827d9fab (patch)
tree: 9824d4861f319f4df52618ace7d1bfb8f9ba4139 /lib/libc/stdio/fgets.3
parent: 938cb766b865d01150650a56d7b2cbb7df3d1d59 (diff)
download: FreeBSD-src-37a6f9b2be16e693718342bb84a08b43827d9fab.zip
FreeBSD-src-37a6f9b2be16e693718342bb84a08b43827d9fab.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/libc/stdio/fgets.3 b/lib/libc/stdio/fgets.3
index c54865d..9c3ecea3 100644
--- a/lib/libc/stdio/fgets.3
+++ b/lib/libc/stdio/fgets.3
@@ -132,10 +132,24 @@ may also fail and set
 .Va errno
 for any of the errors specified for the routine
 .Xr getchar 3 .
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn gets
+function cannot be used securely.
+Because of its lack of bounds checking,
+the use of this function enables malicious users
+to arbitrarily change a running program's functionality through
+a buffer overflow attack.
+(See
+the FSA.)
 .Sh SEE ALSO
 .Xr feof 3 ,
 .Xr ferror 3 ,
 .Xr fgetln 3
+.Rs
+.%T "The FreeBSD Security Architecture"
+.%J "/usr/share/doc/{to be determined}"
+.Re
 .Sh STANDARDS
 The functions
 .Fn fgets
author	chris <chris@FreeBSD.org>	2002-01-06 21:16:41 +0000
committer	chris <chris@FreeBSD.org>	2002-01-06 21:16:41 +0000
commit	37a6f9b2be16e693718342bb84a08b43827d9fab (patch)
tree	9824d4861f319f4df52618ace7d1bfb8f9ba4139 /lib/libc/stdio/fgets.3
parent	938cb766b865d01150650a56d7b2cbb7df3d1d59 (diff)
download	FreeBSD-src-37a6f9b2be16e693718342bb84a08b43827d9fab.zip FreeBSD-src-37a6f9b2be16e693718342bb84a08b43827d9fab.tar.gz