diff options
Diffstat (limited to 'lib/libc')
| -rw-r--r-- | lib/libc/stdio/printf.3 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/libc/stdio/printf.3 b/lib/libc/stdio/printf.3 index c46284e..3f5f8b4 100644 --- a/lib/libc/stdio/printf.3 +++ b/lib/libc/stdio/printf.3 @@ -700,6 +700,27 @@ a buffer overflow attack. the FSA and .Sx EXAMPLES . ) +.Pp +.\" XXX - rewrite after FSA +The +.Fn printf +and +.Fn vprintf +functions are also easily misused in a manner allowing malicious users +to arbitrarily change a running program's functionality by either +causing the program to print potentially sensitive data +.Dq "left on the stack," +or causing it to generate a memory fault or bus error +by dereferencing an invalid pointer. +.Pp +Never, under any circumstances pass a string obtained from the network, +a file, or any user as a format string to a +.Fn printf +or +.Fn sprintf +function. +.Xc +.Ec .Sh SEE ALSO .Xr printf 1 , .Xr scanf 3 , |
