[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src



CVSROOT:	/cvs
Module name:	src
Changes by:	jason_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2000/10/06 14:21:00

Modified files:
	usr.bin/passwd : Tag: OPENBSD_2_7 yp_passwd.c 
	usr.bin/su     : Tag: OPENBSD_2_7 su.c 
	usr.sbin/eeprom: Tag: OPENBSD_2_7 eehandlers.c main.c 
	bin/chmod      : Tag: OPENBSD_2_7 chmod.c 
	bin/dd         : Tag: OPENBSD_2_7 conv.c 

Log message:
Pull in patch from current:
Fix (millert):
warnx?/errx? paranoia (use "%s" not a bare string unless it is a
constant).  These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).





Visit your host, monkey.org