Add new "SECURITY CONSIDERATIONS" sections.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
This commit is contained in:
Chris Costello 2002-01-06 21:16:41 +00:00
parent 48dac05955
commit e125c135a8
3 changed files with 48 additions and 0 deletions

View File

@ -132,10 +132,24 @@ may also fail and set
.Va errno
for any of the errors specified for the routine
.Xr getchar 3 .
.Sh SECURITY CONSIDERATIONS
The
.Fn gets
function cannot be used securely.
Because of its lack of bounds checking,
the use of this function enables malicious users
to arbitrarily change a running program's functionality through
a buffer overflow attack.
(See
the FSA.)
.Sh SEE ALSO
.Xr feof 3 ,
.Xr ferror 3 ,
.Xr fgetln 3
.Rs
.%T "The FreeBSD Security Architecture"
.%J "/usr/share/doc/{to be determined}"
.Re
.Sh STANDARDS
The functions
.Fn fgets

View File

@ -688,10 +688,26 @@ char *newfmt(const char *fmt, ...)
return (p);
}
.Ed
.Sh SECURITY CONSIDERATIONS
The
.Fn sprintf
and
.Fn vsprintf
functions are easily misused in a manner which enables malicious users
to arbitrarily change a running program's functionality through
a buffer overflow attack.
(See
the FSA
and
.Sx EXAMPLES . )
.Sh SEE ALSO
.Xr printf 1 ,
.Xr scanf 3 ,
.Xr setlocale 3
.Rs
.%T "The FreeBSD Security Architecture"
.%J "/usr/share/doc/{to be determined}"
.Re
.Sh STANDARDS
The
.Fn fprintf ,

View File

@ -182,9 +182,27 @@ for any of the errors specified for the library functions
.Xr malloc 3
or
.Xr mktemp 3 .
.Sh SECURITY CONSIDERATIONS
The
.Fn tmpnam
and
.Fn tempnam
functions are susceptible to a race condition,
which allows malicious users
to potentially overwrite arbitrary files in the system,
depending on the level of privilege of the running program.
It is strongly suggested that
.Xr mkstemp 3
be used in place of these functions.
(See
the FSA.)
.Sh SEE ALSO
.Xr mkstemp 3 ,
.Xr mktemp 3
.Rs
.%T "The FreeBSD Security Architecture"
.%J "/usr/share/doc/{to be determined}"
.Re
.Sh STANDARDS
The
.Fn tmpfile