From owner-freebsd-hackers Tue Mar 27 11:13:16 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id EA0F337B719; Tue, 27 Mar 2001 11:13:06 -0800 (PST) (envelope-from arr@watson.org) Received: from localhost (arr@localhost) by fledge.watson.org (8.11.1/8.11.1) with SMTP id f2RJD4994696; Tue, 27 Mar 2001 14:13:05 -0500 (EST) (envelope-from arr@watson.org) Date: Tue, 27 Mar 2001 14:13:03 -0500 (EST) From: "Andrew R. Reiter" To: security@freebsd.org, hackers@freebsd.org Subject: man pages for format string functions Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG hi, I actually apologize if this is a repeat mail.. I admittedly did not look through the archives to see if this has been mentioned. Anyway... Im wondering if there should be a change in perhaps either stdarg(3), or all of the functions that contain format string parameters to state a warning about misusage. For example, in stdarg(3) it says: If there is no next argument, or if type is not compatible with the type of the actual next argument (as promoted according to the default argument promotions), random errors will occur. While I realize not everyone is using user-input'd format strings when they pass them to these functions, but perhaps a bit more of a clarification/note/warning could be mentioned here, such as: ... random errors will occur which might lead to a security risk. I am fairly poor with wording man pages, as you can see, but I think it might be worth while just to point this out. Thoughts? Andrew *-------------................................................. | Andrew R. Reiter | arr@fledge.watson.org | "It requires a very unusual mind | to undertake the analysis of the obvious" -- A.N. Whitehead To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message