| field | value |
|---|---|
| author | 2000-08-25 17:43:14 +0000 |
| committer | 2000-08-25 17:43:14 +0000 |
| commit | 443564e20efcc369e98714826bb039805f569746 |
| tree | 736301c827baee43ba7e1ddfc05539d9a8df01cd |
| parent | Sync with FreeBSD. Summary of changes: |
In the format string bug description under CAVEATS, clarify what we mean by
building the string ``by hand'' using a function like snprintf(); deraadt@ ok
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | lib/libc/gen/setproctitle.3 | 8 |
| -rw-r--r-- | lib/libc/gen/syslog.3 | 8 |
| -rw-r--r-- | lib/libc/stdio/printf.3 | 8 |

3 files changed, 12 insertions, 12 deletions
diff --git a/lib/libc/gen/setproctitle.3 b/lib/libc/gen/setproctitle.3 index fd0f5c22a6f..6cee2e43e93 100644 --- a/lib/libc/gen/setproctitle.3 +++ b/lib/libc/gen/setproctitle.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: setproctitle.3,v 1.10 2000/07/16 22:44:58 millert Exp $ +.\" $OpenBSD: setproctitle.3,v 1.11 2000/08/25 17:43:14 aaron Exp $ .\" .\" Copyright (c) 1994, 1995 Christopher G. Demetriou .\" All rights reserved. @@ -75,15 +75,15 @@ function first appeared in .Nx 0.9a . .Sh CAVEATS It is important to never pass a string with user-supplied data as a -format without using %s. +format without using +.Ql %s . An attacker can put format specifiers in the string to mangle your stack, leading to a possible security hole. This holds true even if you have built the string .Dq by hand using a function like .Fn snprintf , -as the attacker can escape the percent sign -.Pq Sq % +as the resulting string may still contain user-supplied conversion specifiers for later interpolation by .Fn setproctitle . .Pp diff --git a/lib/libc/gen/syslog.3 b/lib/libc/gen/syslog.3 index f7e48e952f1..a99b14a357b 100644 --- a/lib/libc/gen/syslog.3 +++ b/lib/libc/gen/syslog.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: syslog.3,v 1.8 2000/07/16 22:44:58 millert Exp $ +.\" $OpenBSD: syslog.3,v 1.9 2000/08/25 17:43:14 aaron Exp $ .\" .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -271,15 +271,15 @@ functions appeared in .Bx 4.2 . .Sh CAVEATS It is important to never pass a string with user-supplied data as a -format without using %s. +format without using +.Ql %s . An attacker can put format specifiers in the string to mangle your stack, leading to a possible security hole. This holds true even if you have built the string .Dq by hand using a function like .Fn snprintf , -as the attacker can escape the percent sign -.Pq Sq % +as the resulting string may still contain user-supplied conversion specifiers for later interpolation by .Fn syslog . .Pp 
diff --git a/lib/libc/stdio/printf.3 b/lib/libc/stdio/printf.3 index 4225c6fd77b..c30c43fd7ec 100644 --- a/lib/libc/stdio/printf.3 +++ b/lib/libc/stdio/printf.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: printf.3,v 1.30 2000/07/16 22:44:57 millert Exp $ +.\" $OpenBSD: printf.3,v 1.31 2000/08/25 17:43:15 aaron Exp $ .\" .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -687,15 +687,15 @@ systems and the interface is not portable. .Pp It is important to never pass a string with user-supplied data as a -format without using %s. +format without using +.Ql %s . An attacker can put format specifiers in the string to mangle your stack, leading to a possible security hole. This holds true even if you have built the string .Dq by hand using a function like .Fn snprintf , -as the attacker can escape the percent sign -.Pq Sq % +as the resulting string may still contain user-supplied conversion specifiers for later interpolation by .Fn printf . .Pp |
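Review bot: in the setproctitle.3 CAVEATS hunk, the new clause `+as the resulting string may still contain user-supplied conversion specifiers` explains why the hand-built string is dangerous but the paragraph still never spells out the safe call; since it opens with "never pass a string with user-supplied data as a format without using %s", consider closing the paragraph by stating the correct form directly: pass the built buffer as the argument to a literal `%s` format, never as the format string itself.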
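Review bot: in the syslog.3 CAVEATS hunk, the removed lines `-as the attacker can escape the percent sign` / `-.Pq Sq %` were the only hint that a `%` in user data passes through snprintf untouched, and the replacement's "may still contain" reads as uncertain; a `%s` conversion copies its argument verbatim, so the specifiers are guaranteed to survive. Suggest "will still contain any conversion specifiers the user supplied", and keep this wording identical to the copies in setproctitle.3 and printf.3, which this commit changes in lockstep.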
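Review bot: the commit message says the text is "under CAVEATS", but the printf.3 hunk's context (`systems and the interface is not portable.` followed by `.Pp`) shows this paragraph continuing an existing section with no `.Sh CAVEATS` header in view, unlike the setproctitle.3 and syslog.3 hunks where `.Sh CAVEATS` is visible; confirm which section of printf.3 holds this paragraph so the commit message matches.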