Hey guys,

what about this patch? Is there anyone who can have a look at it?

Greets,
Manuel

On Thu, Aug 16, 2012 at 05:08:42PM +0200, Manuel Zerpies wrote:
> From bfd90cc05ffdd1b1582493b212f1b42f49e49429 Mon Sep 17 00:00:00 2001
> From: Manuel Zerpies <[email protected]>
> Date: Thu, 16 Aug 2012 11:36:15 +0200
> Subject: [PATCH] fix literal error warning
> 
> This patch fixes security issues caused by userinput and
> format-strings.
> 
> Signed-off-by: Manuel Zerpies <[email protected]>
> ---
> Hey guys,
> 
> this patch fixes security issues.
> 
> In the first case userinput is directly printed which is harmful.
> 
> In the second case, format strings are printed without the arguments
> that belong to them.
> 
> Greets,
> Manuel
> 
>  coreutils/stat.c |    4 ++--
>  libbb/dump.c     |    4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/coreutils/stat.c b/coreutils/stat.c
> index 3fb212f..f0a61d9 100644
> --- a/coreutils/stat.c
> +++ b/coreutils/stat.c
> @@ -442,7 +442,7 @@ static bool do_statfs(const char *filename, const char 
> *format)
>                    : getfilecon(filename, &scontext)
>                   ) < 0
>               ) {
> -                     bb_perror_msg(filename);
> +                     bb_perror_msg("%s", filename);
>                       return 0;
>               }
>       }
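Review bot: The new `bb_perror_msg("%s", filename)` is the right shape, but nothing in the hunk records why the literal format is required, so a later "simplification" back to `bb_perror_msg(filename)` would silently reintroduce the format-string bug; add a one-line why-comment above the call, `/* filename is user input: must not be used as the format string */`. The same change and the same comment apply to the identical error path in do_stat in the second hunk of this file. The subject line suggests a compiler warning prompted this; if the build has `-Wformat-security` (or its `-Werror=` form) enabled, that check is what keeps this from regressing, which is worth stating in the commit message. The enclosing `do_statfs` starts and ends outside the hunk.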
> @@ -555,7 +555,7 @@ static bool do_stat(const char *filename, const char 
> *format)
>                    : getfilecon(filename, &scontext)
>                   ) < 0
>               ) {
> -                     bb_perror_msg(filename);
> +                     bb_perror_msg("%s", filename);
>                       return 0;
>               }
>       }
> diff --git a/libbb/dump.c b/libbb/dump.c
> index 7e43564..91efe41 100644
> --- a/libbb/dump.c
> +++ b/libbb/dump.c
> @@ -613,7 +613,7 @@ static void display(priv_dumper_t* dumper)
>                                                       printf(pr->fmt, (char 
> *) bp);
>                                                       break;
>                                               case F_TEXT:
> -                                                     printf(pr->fmt);
> +                                                     printf("%s", pr->fmt);
>                                                       break;
>                                               case F_U:
>                                                       conv_u(pr, bp);
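Review bot: `printf("%s", pr->fmt)` prints the same bytes as `printf(pr->fmt)` only if an F_TEXT unit can never contain a `%`; that invariant is established where `pr->flags = F_TEXT` is assigned (outside this hunk), so it should be confirmed there, because a `%%` that reached this case would now print doubled instead of as a single `%`. If the invariant holds, add a comment at the call site so the reason for the literal format survives, `/* F_TEXT units carry no conversions; pass as an argument, not as the format */`. The second F_TEXT case in the next hunk of this file needs the same confirmation and comment. The neighbouring `printf(pr->fmt, (char *) bp)` is still a non-literal format by design and is not changed by this patch. `display` starts and ends outside the hunk.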
> @@ -663,7 +663,7 @@ static void display(priv_dumper_t* dumper)
>                               printf(pr->fmt, (unsigned) dumper->eaddress);
>                               break;
>                       case F_TEXT:
> -                             printf(pr->fmt);
> +                             printf("%s", pr->fmt);
>                               break;
>                       }
>               }
> -- 
> 1.7.0.4
> 
> 