LogFilePrep: add a comment to the unsafe format string.

CVE-2018-14665 also made it possible to exploit this to access memory. With -logfile forbidden when running with elevated privileges this is no longer an issue. Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> Reviewed-by: Adam Jackson <ajax@redhat.com>
2018-10-23 21:29:09 +02:00 · 2018-10-23 21:29:09 +02:00 · 248d164eae
parent 50c0cf885a
commit 248d164eae
1 changed files with 2 additions and 0 deletions
--- a/os/log.c
+++ b/os/log.c
@ -194,6 +194,8 @@ LogFilePrep(const char *fname, const char *backup, const char *idstring)
 {
    char *logFileName = NULL;

+    /* the format string below is controlled by the user,
+       this code should never be called with elevated privileges */
    if (asprintf(&logFileName, fname, idstring) == -1)
        FatalError("Cannot allocate space for the log file name\n");