Date: Mon, 21 Oct 2013 19:00:56 -0400
From: Sean Bruno <sean_bruno@yahoo.com>
To: Dimitry Andric <dim@FreeBSD.org>
Cc: freebsd-current@freebsd.org
Subject: Re: contrib/gcclibs/libssp security warning
Message-ID: <1382396456.7749.0.camel@localhost>
In-Reply-To: <543E81FB-3C62-4CE6-B2D4-63A0ED7CE006@FreeBSD.org>
References: <1382327252.2610.2.camel@localhost> <543E81FB-3C62-4CE6-B2D4-63A0ED7CE006@FreeBSD.org>

On Mon, 2013-10-21 at 08:44 +0200, Dimitry Andric wrote:
> On Oct 21, 2013, at 05:47, Sean Bruno <sean_bruno@yahoo.com> wrote:
> > There's an unchecked syslog call inside of libssp/ssp.c
> >
> >
> > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> > warning: format string is not a string literal (potentially insecure)
> > [-Wformat-security]
> > syslog (LOG_CRIT, msg1);
> > ^~~~
> > 1 warning generated.
> > /usr/src/gnu/lib/libssp/../../../contrib/gcclibs/libssp/ssp.c:137:23:
> > warning: format string is not a string literal (potentially insecure)
> > [-Wformat-security]
> > syslog (LOG_CRIT, msg1);
> >
> > I propose the following change:
> >
> > Index: contrib/gcclibs/libssp/ssp.c
> > ===================================================================
> > --- contrib/gcclibs/libssp/ssp.c (revision 256712)
> > +++ contrib/gcclibs/libssp/ssp.c (working copy)
> > #ifdef HAVE_SYSLOG_H
> > /* Only send the error to syslog if there was no tty available. */
> > else
> > - syslog (LOG_CRIT, msg3);
> > + syslog (LOG_CRIT, "%s", msg3);
> > #endif /* HAVE_SYSLOG_H */
> >
>
>
> Heh, this is also still in upstream gcc. :-) It should not be a real
> security problem, as the fail() function is only ever called twice, with
> predictable const char arguments. But better safe than sorry, so LGTM.
>
> -Dimitry
>

done at svn r256866

sean
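
Review bot: the removed line passes msg3, but the compiler warning quoted above the patch flags `syslog (LOG_CRIT, msg1);` at ssp.c:137:23, so confirm that the hunk targets the call the warning points at and that no other syslog call in the file still takes a non-literal format. The quoted diff also has no `@@` range line between the `+++` header and `#ifdef HAVE_SYSLOG_H`, so it cannot be applied as posted; regenerate it if the patch is to be shared again. The replacement `syslog (LOG_CRIT, "%s", msg3);` is the right shape, since the message is then passed as an argument rather than interpreted as the format.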