From 1f55865f2830d0fa36a3f4eeb846f66940b133cd Mon Sep 17 00:00:00 2001 From: Amitay Isaacs Date: Mon, 5 Nov 2012 01:09:28 +1100 Subject: s4-dns: Fix format string vulnerability in an error message (bug #9354) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also, fixes few comments. Thanks to Bruno Rohée for reporting and patch fix. Signed-off-by: Amitay Isaacs Reviewed-By: Kai Blin Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Sun Nov 4 16:58:13 CET 2012 on sn-devel-104 --- source4/dns_server/dlz_bind9.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/source4/dns_server/dlz_bind9.c b/source4/dns_server/dlz_bind9.c index bea8361fa1..689ed45bb0 100644 --- a/source4/dns_server/dlz_bind9.c +++ b/source4/dns_server/dlz_bind9.c @@ -379,7 +379,8 @@ static bool b9_parse(struct dlz_bind9_data *state, /* we should be at the end of the buffer now */ if (strtok_r(NULL, "\t ", &saveptr) != NULL) { - state->log(ISC_LOG_ERROR, "samba b9_parse: expected data at end of string for '%s'"); + state->log(ISC_LOG_ERROR, "samba b9_parse: unexpected data at end of string for '%s'", + rdatastr); return false; } @@ -387,7 +388,7 @@ static bool b9_parse(struct dlz_bind9_data *state, } /* - send a resource recond to bind9 + send a resource record to bind9 */ static isc_result_t b9_putrr(struct dlz_bind9_data *state, void *handle, struct dnsp_DnssrvRpcRecord *rec, @@ -427,7 +428,7 @@ static isc_result_t b9_putrr(struct dlz_bind9_data *state, /* - send a named resource recond to bind9 + send a named resource record to bind9 */ static isc_result_t b9_putnamedrr(struct dlz_bind9_data *state, void *handle, const char *name, @@ -1456,7 +1457,7 @@ static bool b9_set_session_info(struct dlz_bind9_data *state, const char *name) return false; } - /* Do not use client credentials, if we not updating the client specified name */ + /* Do not use client credentials, if we're not updating the client specified name */ if (strcmp(state->update_name, name) != 0) { return true; } -- cgit