author | Aaron Campbell <aaron@cvs.openbsd.org> | 2000-10-19 18:18:55 +0000 |
---|---|---|
committer | Aaron Campbell <aaron@cvs.openbsd.org> | 2000-10-19 18:18:55 +0000 |
commit | 89b9f42f7f56a97c16834c65a768c7817bc36114 (patch) | |
tree | 303ae05756db3c22500d11eec03e153f281975c9 | |
parent | 6c44a023e78bec467cc91b884b434ebef81dc01e (diff) |
Put the fmt strings CAVEATS section into userland printf(1) man page, too;
it applies here as well.
-rw-r--r-- | usr.bin/printf/printf.1 | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/usr.bin/printf/printf.1 b/usr.bin/printf/printf.1 index c63bb3baffa..7dd31b6eda1 100644 --- a/usr.bin/printf/printf.1 +++ b/usr.bin/printf/printf.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: printf.1,v 1.11 2000/03/23 21:10:18 aaron Exp $ +.\" $OpenBSD: printf.1,v 1.12 2000/10/19 18:18:54 aaron Exp $ .\" .\" Copyright (c) 1989, 1990 The Regents of the University of California. .\" All rights reserved. @@ -316,6 +316,17 @@ The .Nm command appeared in .Bx 4.3 Reno . +.Sh CAVEATS +It is important to never pass a string with user-supplied data as a +format without using +.Ql %s . +An attacker can put format specifiers in the string to mangle your stack, +leading to a possible security hole. +.Pp +Be sure to always use the proper secure idiom: +.Bd -literal -offset indent +printf "%s" "$STRING" +.Ed .Sh BUGS Since arguments are translated from .Tn ASCII |
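Review bot: The explanation in the new CAVEATS section ("mangle your stack, leading to a possible security hole") is carried over verbatim from the C library wording, and it describes the wrong mechanism for the printf(1) utility, whose operands are shell strings rather than a C stack frame; consider stating the hazard in the utility's own terms, i.e. that specifiers in user-supplied data are interpreted as conversions and consume or reinterpret the following arguments, so output is no longer under the script's control. Two smaller points in the same hunk: "It is important to never pass" reads better as "never to pass", and the `.Bd -literal` example `printf "%s" "$STRING"` would be more useful with a one-line note that every piece of data goes in an argument position and only the literal format (including any `\n`) belongs in the first operand, which is the point the section is making.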