OpenAFS CVS Commit: openafs/src/WINNT/afsd by jaltman
cvs@GRAND.CENTRAL.ORG
cvs@GRAND.CENTRAL.ORG
Tue, 08 Jan 2008 01:27:36 EST
Update of /cvs/openafs/src/WINNT/afsd
In directory GRAND.CENTRAL.ORG:/home/jaltman/openafs/cvs-1-3/src/WINNT/afsd
Modified Files:
smb3.c
Log Message:
DELTA windows-printf-format-string-protection-20080108
AUTHOR jaltman@secure-endpoints.com
LICENSE MIT
Do not pass strings generated from incoming network data to ??printf
as the format string. Instead use a format string of "%s". This protects
against %? expansions being inserted in the string.
--- DELTA config follows ---
windows-printf-format-string-protection-20080108 openafs/src/WINNT/afsd/smb3.c 1.145 1.146