On Mon, 2013-10-21 at 08:44 +0200, Dimitry Andric wrote: > On Oct 21, 2013, at 05:47, Sean Bruno <sean_bruno_at_yahoo.com> wrote: > > There's an unchecked syslog call inside of libssp/ssp.c > > > > > > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23: > > warning: format string is not a string literal (potentially insecure) > > [-Wformat-security] > > syslog (LOG_CRIT, msg1); > > ^~~~ > > 1 warning generated. > > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23: > > warning: format string is not a string literal (potentially insecure) > > [-Wformat-security] > > syslog (LOG_CRIT, msg1); > > > > I propose the following change: > > > > Index: contrib/gcclibs/libssp/ssp.c > > =================================================================== > > --- contrib/gcclibs/libssp/ssp.c (revision 256712) > > +++ contrib/gcclibs/libssp/ssp.c (working copy) > > #ifdef HAVE_SYSLOG_H > > /* Only send the error to syslog if there was no tty available. */ > > else > > - syslog (LOG_CRIT, msg3); > > + syslog (LOG_CRIT, "%s", msg3); > > #endif /* HAVE_SYSLOG_H */ > > > > > Heh, this is also still in upstream gcc. :-) It should not be a real > security problem, as the fail() function is only ever called twice, with > predictable const char arguments. But better safe than sorry, so LGTM. > > -Dimitry > done at svn r256866 sean
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:43 UTC