summaryrefslogtreecommitdiffstats
path: root/usr.bin/rpcgen/rpc_svcout.c
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-07-05 08:17:41 +0000
committerkris <kris@FreeBSD.org>2001-07-05 08:17:41 +0000
commit62daf61425fb633804f8526484144b1ba9ec5f3d (patch)
tree890cea6fae2d792156a735daf92c405b7f6c91cb /usr.bin/rpcgen/rpc_svcout.c
parentf6fc0970daf5c18ee4284e3ce0d44b46a9902736 (diff)
downloadFreeBSD-src-62daf61425fb633804f8526484144b1ba9ec5f3d.zip
FreeBSD-src-62daf61425fb633804f8526484144b1ba9ec5f3d.tar.gz
Don't generate syslog() statements which have format string vulnerabilities.
MFC after: 1 week
Diffstat (limited to 'usr.bin/rpcgen/rpc_svcout.c')
-rw-r--r--usr.bin/rpcgen/rpc_svcout.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/rpcgen/rpc_svcout.c b/usr.bin/rpcgen/rpc_svcout.c
index 86ff5a2..b3eddf5 100644
--- a/usr.bin/rpcgen/rpc_svcout.c
+++ b/usr.bin/rpcgen/rpc_svcout.c
@@ -769,12 +769,12 @@ write_msg_out(void)
f_print(fout, "#ifdef RPC_SVC_FG\n");
if (inetdflag || pmflag)
f_print(fout, "\tif (_rpcpmstart)\n");
- f_print(fout, "\t\tsyslog(LOG_ERR, msg);\n");
+ f_print(fout, "\t\tsyslog(LOG_ERR, \"%%s\", msg);\n");
f_print(fout, "\telse\n");
f_print(fout,
"\t\t(void) fprintf(stderr, \"%%s\\n\", msg);\n");
f_print(fout, "#else\n");
- f_print(fout, "\tsyslog(LOG_ERR, msg);\n");
+ f_print(fout, "\tsyslog(LOG_ERR, \"%%s\", msg);\n");
f_print(fout, "#endif\n");
f_print(fout, "}\n");
}
OpenPOWER on IntegriCloud