[stgt] [PATCH] fix format string vulnerability
FUJITA Tomonori
fujita.tomonori at lab.ntt.co.jp
Wed Mar 24 14:20:32 CET 2010
I've merged the following patch.
=
From: Vincent Danen <vdanen at redhat.com>
Subject: [PATCH] fix format string vulnerability
The isns code has the same problem:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935
Signed-off-by: FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp>
---
usr/iscsi/isns.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/usr/iscsi/isns.c b/usr/iscsi/isns.c
index 3bfc1fc..c4d90cf 100644
--- a/usr/iscsi/isns.c
+++ b/usr/iscsi/isns.c
@@ -316,7 +316,7 @@ static int isns_attr_query(char *name)
tlv = (struct isns_tlv *) hdr->pdu;
if (name)
- snprintf(mgmt->name, sizeof(mgmt->name), name);
+ snprintf(mgmt->name, sizeof(mgmt->name), "%s", name);
else {
mgmt->name[0] = '\0';
target = list_first_entry(&iscsi_targets_list,
@@ -690,7 +690,7 @@ found:
ini = malloc(sizeof(*ini));
if (!ini)
goto free_qry_mgmt;
- snprintf(ini->name, sizeof(ini->name), name);
+ snprintf(ini->name, sizeof(ini->name), "%s", name);
list_add(&ini->ilist, &target->isns_list);
} else
name = NULL;
--
1.7.0
--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the stgt
mailing list