svn commit: trunk/busybox: miscutils util-linux
vodz at busybox.net
vodz at busybox.net
Tue Feb 28 08:23:29 UTC 2006
Author: vodz
Date: 2006-02-28 00:23:27 -0800 (Tue, 28 Feb 2006)
New Revision: 14360
Log:
more security: don't start shell code from argv
Modified:
trunk/busybox/miscutils/eject.c
trunk/busybox/util-linux/setarch.c
Changeset:
Modified: trunk/busybox/miscutils/eject.c
===================================================================
--- trunk/busybox/miscutils/eject.c 2006-02-28 07:54:28 UTC (rev 14359)
+++ trunk/busybox/miscutils/eject.c 2006-02-28 08:23:27 UTC (rev 14360)
@@ -43,7 +43,7 @@
}
if (ioctl(bb_xopen(device, (O_RDONLY | O_NONBLOCK)),
(flags ? CDROMCLOSETRAY : CDROMEJECT))) {
- bb_perror_msg_and_die(device);
+ bb_perror_msg_and_die("%s", device);
}
return (EXIT_SUCCESS);
}
Modified: trunk/busybox/util-linux/setarch.c
===================================================================
--- trunk/busybox/util-linux/setarch.c 2006-02-28 07:54:28 UTC (rev 14359)
+++ trunk/busybox/util-linux/setarch.c 2006-02-28 08:23:27 UTC (rev 14360)
@@ -49,5 +49,5 @@
execvp(argv[0], argv);
failure:
- bb_perror_msg_and_die(argv[0]);
+ bb_perror_msg_and_die("%s", argv[0]);
}
More information about the busybox-cvs
mailing list