jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-11-29 17:32:43 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Don't call printf with no format string. This is technically a security

Browse Source 
vulnerability and could in principle be used to upload a new kernel from the
bootloader :-)
This commit is contained in:
Kris Kennaway 2000-07-10 06:33:55 +00:00
parent c98c98a822
commit 487730cc8b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=62873
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/boot/common/commands.c
View File

@ -326,7 +326,7 @@ command_echo(int argc, char *argv[])
s = unargv(argc, argv);
if (s != NULL) {
printf(s);
printf("%s", s);
free(s);
}
if (!nl)
@ -378,7 +378,7 @@ command_read(int argc, char *argv[])
name = (argc > 0) ? argv[0]: NULL;
if (prompt != NULL)
printf(prompt);
printf("%s", prompt);
if (timeout >= 0) {
when = time(NULL) + timeout;
while (!ischar())