PolicyKit: Branch 'master'

David Zeuthen david at kemper.freedesktop.org
Thu Apr 3 23:27:18 PDT 2008


 configure.in                           |   10 ++++++++++
 src/polkit-grant/polkit-grant-helper.c |    4 ++--
 2 files changed, 12 insertions(+), 2 deletions(-)

New commits:
commit 5bc86a14cc0e356bcf8b5f861674f842869b1be7
Author: Kees Cook <kees at outflux.net>
Date:   Fri Apr 4 02:26:30 2008 -0400

    fix for CVE-2008-1658: format string vulnerability in password input
    
    http://bugs.freedesktop.org/show_bug.cgi?id=15295

diff --git a/configure.in b/configure.in
index 2fdb935..0e6ae9c 100644
--- a/configure.in
+++ b/configure.in
@@ -114,6 +114,16 @@ if test "x$GCC" = "xyes"; then
   *) CFLAGS="$CFLAGS -Wsign-compare" ;;
   esac
 
+  case " $CFLAGS " in
+  *[\ \	]-Wformat[\ \	]*) ;;
+  *) CFLAGS="$CFLAGS -Wformat" ;;
+  esac
+
+  case " $CFLAGS " in
+  *[\ \	]-Wformat-security[\ \	]*) ;;
+  *) CFLAGS="$CFLAGS -Wformat-security" ;;
+  esac
+
   if test "x$enable_ansi" = "xyes"; then
     case " $CFLAGS " in
     *[\ \	]-ansi[\ \	]*) ;;
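Review bot: `-Wformat-security` only produces a warning, so a reintroduced `fprintf (stream, buf)` would still build; consider promoting it with a further `case` arm that appends `-Werror=format-security`, at least for maintainer builds. The new flags are added inside the `if test "x$GCC" = "xyes"` block that opens above this hunk, so builds with other compilers get no equivalent check. `-Wformat-nonliteral` could also be worth adding, since it flags non-literal format strings that are passed together with arguments, which `-Wformat-security` does not cover.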
diff --git a/src/polkit-grant/polkit-grant-helper.c b/src/polkit-grant/polkit-grant-helper.c
index b0f59f8..e141edd 100644
--- a/src/polkit-grant/polkit-grant-helper.c
+++ b/src/polkit-grant/polkit-grant-helper.c
@@ -241,7 +241,7 @@ do_auth (const char *user_to_auth, gboolean *empty_conversation)
                 *empty_conversation = FALSE;
 
                 /* send to parent */
-                fprintf (stdout, buf);
+                fprintf (stdout, "%s", buf);
                 fflush (stdout);
                 
                 /* read from parent */
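Review bot: The write to the parent and the following `fflush (stdout)` are not checked for failure, and the same holds for the `child_stdin` write in the next hunk, so a closed pipe during the authentication relay goes unnoticed in the visible lines. Using `fputs` removes the format argument entirely and makes the check easy, for example `if (fputs (buf, stdout) == EOF || fflush (stdout) != 0)`, followed by whatever failure path do_auth already uses (not visible here). A short comment above each call, such as `/* buf is relayed verbatim between parent and child; never pass it as a format string */`, would record why the literal format is required. do_auth begins and ends outside both hunks.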
@@ -252,7 +252,7 @@ do_auth (const char *user_to_auth, gboolean *empty_conversation)
                 fprintf (stderr, "received: '%s' from parent; sending to child\n", buf);
 #endif /* PGH_DEBUG */
                 /* send to child */
-                fprintf (child_stdin, buf);
+                fprintf (child_stdin, "%s", buf);
                 fflush (child_stdin);
         }
 

