| field | value | date |
|---|---|---|
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-07-16 22:44:59 +0000 |
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-07-16 22:44:59 +0000 |
| commit | 0a24e02b6c0cddae26902400e476fbc2a416c9b1 | |
| tree | a5af2c642326a36b6b45d368e0a6687369286c7d /lib/libc/gen/syslog.3 | |
| parent | 8352d6ce819ef1ddee08b0f601c6fb179b10cf92 | |
Stronger caveat wrt stack smashing via % escapes. Each man page
carries the same caveat...
Diffstat (limited to 'lib/libc/gen/syslog.3'):

| mode | file | lines |
|---|---|---|
| -rw-r--r-- | lib/libc/gen/syslog.3 | 20 |

1 files changed, 19 insertions, 1 deletions
diff --git a/lib/libc/gen/syslog.3 b/lib/libc/gen/syslog.3 index 3dc53dd111c..f7e48e952f1 100644 --- a/lib/libc/gen/syslog.3 +++ b/lib/libc/gen/syslog.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: syslog.3,v 1.7 1999/07/09 13:35:19 aaron Exp $ +.\" $OpenBSD: syslog.3,v 1.8 2000/07/16 22:44:58 millert Exp $ .\" .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -269,3 +269,21 @@ syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m"); These functions appeared in .Bx 4.2 . +.Sh CAVEATS +It is important to never pass a string with user-supplied data as a +format without using %s. +An attacker can put format specifiers in the string to mangle your stack, +leading to a possible security hole. +This holds true even if you have built the string +.Dq by hand +using a function like +.Fn snprintf , +as the attacker can escape the percent sign +.Pq Sq % +for later interpolation by +.Fn syslog . +.Pp +Be sure to always use the proper secure idiom: +.Bd -literal -offset indent +syslog("%s", string); +.Ed |
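Review bot: the "proper secure idiom" shown at the end of the new CAVEATS section, `syslog("%s", string);`, drops syslog's mandatory priority argument, so it will not compile against the prototype this page documents and it contradicts the existing example in the hunk's own context, `syslog(LOG_INFO|LOG_LOCAL2, "foobar error: %m");`. Suggest `syslog(LOG_INFO, "%s", string);` (any priority will do, the point is that the format is a constant). The opening sentence is also ambiguous: "never pass a string with user-supplied data as a format without using %s" can be read as "put a %s somewhere in the format"; clearer is "never pass user-supplied data as the format string; pass it as the argument to a %s conversion". Finally, "the attacker can escape the percent sign" misdescribes the mechanism: snprintf with a "%s" conversion copies any '%' in the user data through verbatim, so conversion specifiers in that data survive into the hand-built string and are only interpreted when that string is later passed to syslog as the format, which is exactly why the constant-format idiom is needed at the syslog call as well.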