I've merged the following patch. = From: Vincent Danen <vdanen@xxxxxxxxxx> Subject: [PATCH] fix format string vulnerability The isns code has the same problem: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935 Signed-off-by: FUJITA Tomonori <fujita.tomonori@xxxxxxxxxxxxx> --- usr/iscsi/isns.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/iscsi/isns.c b/usr/iscsi/isns.c index 3bfc1fc..c4d90cf 100644 --- a/usr/iscsi/isns.c +++ b/usr/iscsi/isns.c @@ -316,7 +316,7 @@ static int isns_attr_query(char *name) tlv = (struct isns_tlv *) hdr->pdu; if (name) - snprintf(mgmt->name, sizeof(mgmt->name), name); + snprintf(mgmt->name, sizeof(mgmt->name), "%s", name); else { mgmt->name[0] = '\0'; target = list_first_entry(&iscsi_targets_list, @@ -690,7 +690,7 @@ found: ini = malloc(sizeof(*ini)); if (!ini) goto free_qry_mgmt; - snprintf(ini->name, sizeof(ini->name), name); + snprintf(ini->name, sizeof(ini->name), "%s", name); list_add(&ini->ilist, &target->isns_list); } else name = NULL; -- 1.7.0 -- To unsubscribe from this list: send the line "unsubscribe stgt" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
