Add new "SECURITY CONSIDERATIONS" sections.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs

lib/libc/stdio/fgets.3

@@ -132,10 +132,24 @@ may also fail and set
 .Va errno
 for any of the errors specified for the routine
 .Xr getchar 3 .
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn gets
+function cannot be used securely.
+Because of its lack of bounds checking,
+the use of this function enables malicious users
+to arbitrarily change a running program's functionality through
+a buffer overflow attack.
+(See
+the FSA.)
 .Sh SEE ALSO
 .Xr feof 3 ,
 .Xr ferror 3 ,
 .Xr fgetln 3
+.Rs
+.%T "The FreeBSD Security Architecture"
+.%J "/usr/share/doc/{to be determined}"
+.Re
 .Sh STANDARDS
 The functions
 .Fn fgets

lib/libc/stdio/printf.3

@@ -688,10 +688,26 @@ char *newfmt(const char *fmt, ...)
 		return (p);
 }
 .Ed
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn sprintf
+and
+.Fn vsprintf
+functions are easily misused in a manner which enables malicious users
+to arbitrarily change a running program's functionality through
+a buffer overflow attack.
+(See
+the FSA
+and
+.Sx EXAMPLES . )
 .Sh SEE ALSO
 .Xr printf 1 ,
 .Xr scanf 3 ,
 .Xr setlocale 3
+.Rs
+.%T "The FreeBSD Security Architecture"
+.%J "/usr/share/doc/{to be determined}"
+.Re
 .Sh STANDARDS
 The
 .Fn fprintf ,

lib/libc/stdio/tmpnam.3

@@ -182,9 +182,27 @@ for any of the errors specified for the library functions
 .Xr malloc 3
 or
 .Xr mktemp 3 .
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn tmpnam
+and
+.Fn tempnam
+functions are susceptible to a race condition,
+which allows malicious users
+to potentially overwrite arbitrary files in the system,
+depending on the level of privilege of the running program.
+It is strongly suggested that
+.Xr mkstemp 3
+be used in place of these functions.
+(See
+the FSA.)
 .Sh SEE ALSO
 .Xr mkstemp 3 ,
 .Xr mktemp 3
+.Rs
+.%T "The FreeBSD Security Architecture"
+.%J "/usr/share/doc/{to be determined}"
+.Re
 .Sh STANDARDS
 The
 .Fn tmpfile