contrib/gcclibs/libssp security warning
Sean Bruno
sean_bruno at yahoo.com
Mon Oct 21 23:07:52 UTC 2013
On Mon, 2013-10-21 at 08:44 +0200, Dimitry Andric wrote:
> On Oct 21, 2013, at 05:47, Sean Bruno <sean_bruno at yahoo.com> wrote:
> > There's an unchecked syslog call inside of libssp/ssp.c
> >
> >
> > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> > warning: format string is not a string literal (potentially insecure)
> > [-Wformat-security]
> > syslog (LOG_CRIT, msg1);
> > ^~~~
> > 1 warning generated.
> > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> > warning: format string is not a string literal (potentially insecure)
> > [-Wformat-security]
> > syslog (LOG_CRIT, msg1);
> >
> > I propose the following change:
> >
> > Index: contrib/gcclibs/libssp/ssp.c
> > ===================================================================
> > --- contrib/gcclibs/libssp/ssp.c (revision 256712)
> > +++ contrib/gcclibs/libssp/ssp.c (working copy)
> > #ifdef HAVE_SYSLOG_H
> > /* Only send the error to syslog if there was no tty available. */
> > else
> > - syslog (LOG_CRIT, msg3);
> > + syslog (LOG_CRIT, "%s", msg3);
> > #endif /* HAVE_SYSLOG_H */
> >
>
>
> Heh, this is also still in upstream gcc. :-) It should not be a real
> security problem, as the fail() function is only ever called twice, with
> predictable const char arguments. But better safe than sorry, so LGTM.
>
> -Dimitry
>
done at svn r256866
sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20131021/f22d3d7f/attachment.sig>
More information about the freebsd-current
mailing list