contrib/gcclibs/libssp security warning
Dimitry Andric
dim at FreeBSD.org
Mon Oct 21 06:44:22 UTC 2013
On Oct 21, 2013, at 05:47, Sean Bruno <sean_bruno at yahoo.com> wrote:
> There's an unchecked syslog call inside of libssp/ssp.c
>
>
> /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> warning: format string is not a string literal (potentially insecure)
> [-Wformat-security]
> syslog (LOG_CRIT, msg1);
> ^~~~
> 1 warning generated.
> /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> warning: format string is not a string literal (potentially insecure)
> [-Wformat-security]
> syslog (LOG_CRIT, msg1);
>
> I propose the following change:
>
> Index: contrib/gcclibs/libssp/ssp.c
> ===================================================================
> --- contrib/gcclibs/libssp/ssp.c (revision 256712)
> +++ contrib/gcclibs/libssp/ssp.c (working copy)
> #ifdef HAVE_SYSLOG_H
> /* Only send the error to syslog if there was no tty available. */
> else
> - syslog (LOG_CRIT, msg3);
> + syslog (LOG_CRIT, "%s", msg3);
> #endif /* HAVE_SYSLOG_H */
>
Heh, this is also still in upstream gcc. :-) It should not be a real
security problem, as the fail() function is only ever called twice, with
predictable const char arguments. But better safe than sorry, so LGTM.
-Dimitry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20131021/4adaee78/attachment.sig>
More information about the freebsd-current
mailing list