From 948a09d6f288144744ebe281bc18c4bf1a9fac58 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Thu, 23 Mar 2006 02:07:20 +0000 Subject: dont printf arguments given by user for security sanity --- coreutils/watch.c | 2 +- miscutils/mountpoint.c | 2 +- miscutils/setsid.c | 2 +- util-linux/fdformat.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/coreutils/watch.c b/coreutils/watch.c index 9da591b..9e0c54c 100644 --- a/coreutils/watch.c +++ b/coreutils/watch.c @@ -100,7 +100,7 @@ int watch_main(int argc, char **argv) //child dup2(old_stdout, STDOUT_FILENO); execvp(*watched_argv, watched_argv); - bb_perror_msg_and_die(*watched_argv); + bb_perror_msg_and_die("%s", *watched_argv); } else { bb_perror_msg_and_die("vfork"); } diff --git a/miscutils/mountpoint.c b/miscutils/mountpoint.c index 38c654c..1248dc0 100644 --- a/miscutils/mountpoint.c +++ b/miscutils/mountpoint.c @@ -64,7 +64,7 @@ int mountpoint_main(int argc, char **argv) } } if (!(opt & OPT_q)) - bb_perror_msg(arg); + bb_perror_msg("%s", arg); return EXIT_FAILURE; } } diff --git a/miscutils/setsid.c b/miscutils/setsid.c index 8061896..39be546 100644 --- a/miscutils/setsid.c +++ b/miscutils/setsid.c @@ -41,6 +41,6 @@ setsid_main(int argc, char *argv[]) { execvp(argv[1], argv + 1); - bb_perror_msg_and_die(argv[1]); + bb_perror_msg_and_die("%s", argv[1]); } diff --git a/util-linux/fdformat.c b/util-linux/fdformat.c index e7dd943..5772e13 100644 --- a/util-linux/fdformat.c +++ b/util-linux/fdformat.c @@ -85,7 +85,7 @@ int fdformat_main(int argc,char **argv) /* R_OK is needed for verifying */ if (stat(*argv,&st) < 0 || access(*argv,W_OK | R_OK ) < 0) { - bb_perror_msg_and_die(*argv); + bb_perror_msg_and_die("%s",*argv); } if (!S_ISBLK(st.st_mode)) { bb_error_msg_and_die("%s: not a block device",*argv); -- cgit v1.1