git://git.openafs.org / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch (parent: 0ac2848)
DEVEL15-windows-printf-format-string-protection-20080108
authorJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 8 Jan 2008 06:29:47 +0000 (06:29 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 8 Jan 2008 06:29:47 +0000 (06:29 +0000)
LICENSE MIT

Do not pass strings generated from incoming network data to ??printf
as the format string.  Instead use a format string of "%s".  This protects
against %? expansions being inserted in the string.

(cherry picked from commit a05df915505ab3e77e46e39a5b232086c43fc8bf)

src/WINNT/afsd/smb3.c patch | blob | history

diff --git a/src/WINNT/afsd/smb3.c b/src/WINNT/afsd/smb3.c
index b082570..41a914f 100644 (file)
--- a/src/WINNT/afsd/smb3.c
+++ b/src/WINNT/afsd/smb3.c
@@ -170,7 +170,7 @@ void OutputDebugHexDump(unsigned char * buffer, int len) {
     for (i=0;i<len;i++) {
         if(!(i%16)) {
             if(i) {
-                osi_Log0(smb_logp, osi_LogSaveString(smb_logp, buf));
+                osi_Log0(smb_logp, "%s", osi_LogSaveString(smb_logp, buf));
                 strcat(buf,"\r\n");
                 OutputDebugString(buf);
             }
@@ -191,7 +191,7 @@ void OutputDebugHexDump(unsigned char * buffer, int len) {
         buf[j] = (k>32 && k<127)?k:'.';
     }    
     if(i) {
-        osi_Log0(smb_logp, osi_LogSaveString(smb_logp, buf));
+        osi_Log0(smb_logp, "%s", osi_LogSaveString(smb_logp, buf));
         strcat(buf,"\r\n");
         OutputDebugString(buf);
     }   
OpenAFS Master Repository