d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix setproctitle() vulnerability in non-compiled code.

Browse Source
This commit is contained in:
kris 2000-08-13 04:35:43 +00:00
parent 24d61c1ea6
commit f7413271b5
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
View File

@ -786,7 +786,7 @@ int do_login(int code, char *passwd)
"%s: anonymous/%s",
remotehost,
passwd);
setproctitle(proctitle);
setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {
char data_addr[256];
@ -807,7 +807,7 @@ int do_login(int code, char *passwd)
reply(code, "User %s logged in.", pw->pw_name);
#ifdef HAVE_SETPROCTITLE
snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name);
setproctitle(proctitle);
setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {
char data_addr[256];
@ -1782,7 +1782,7 @@ dolog(struct sockaddr *sa)
inaddr2str (sin->sin_addr, remotehost, sizeof(remotehost));
#ifdef HAVE_SETPROCTITLE
snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost);
setproctitle(proctitle);
setproctitle("%s", proctitle);
#endif /* HAVE_SETPROCTITLE */
if (logging) {