commit 8308c170dbf7f1c998ca0cb3b1ce7d21712a9f08 from: Alexander Barton date: Thu Feb 03 09:26:42 2005 UTC Fixed a bug that could case a root exploit when the daemon is compiled to do IDENT lookups and is logging to syslog. Bug discovered by CoKi, , thanks a lot! (http://www.nosystem.com.ar/advisories/advisory-11.txt) commit - 07fe19889b9a7a7afc8da68b4062b81287d23dd3 commit + 8308c170dbf7f1c998ca0cb3b1ce7d21712a9f08 blob - 98970049a415681af9b76df558745e821560395f blob + 340ae6bfefdc7545d5dfb95fe580502abbe8fe7b --- ChangeLog +++ ChangeLog @@ -12,6 +12,10 @@ ngIRCd CVSHEAD + - Fixed a bug that could case a root exploit when the daemon is compiled + to do IDENT lookups and is logging to syslog. Bug discovered by CoKi, + , thanks a lot! + (http://www.nosystem.com.ar/advisories/advisory-11.txt) - Code cleanups from Florian Westphal, . - Raised the maximum length of passwords to 20 characters. - Fixed a memory leak when resizing the connection pool and realloc() @@ -28,7 +32,7 @@ ngIRCd CVSHEAD should enable the system to write proper core files when not running with root privileges ... -ngircd 0.8.2 (2005-01-26) +ngIRCd 0.8.2 (2005-01-26) - Added doc/SSL.txt to distribution. - Fixed a buffer overflow that could cause the daemon to crash. Bug found @@ -572,4 +576,4 @@ ngIRCd 0.0.1, 31.12.2001 -- -$Id: ChangeLog,v 1.256 2005/02/03 09:11:43 alex Exp $ +$Id: ChangeLog,v 1.257 2005/02/03 09:26:42 alex Exp $ blob - 9af2a447ea72a5b5d3f3185f271dfd10b420a654 blob + ec284269cdbbe8870135cde6b0afbf3234c3d0a3 --- src/ngircd/log.c +++ src/ngircd/log.c @@ -14,7 +14,7 @@ #include "portab.h" -static char UNUSED id[] = "$Id: log.c,v 1.49 2005/01/20 00:12:23 alex Exp $"; +static char UNUSED id[] = "$Id: log.c,v 1.50 2005/02/03 09:26:42 alex Exp $"; #include "imp.h" #include @@ -272,7 +272,7 @@ va_dcl fflush( stdout ); } #ifdef SYSLOG - else syslog( Level, msg ); + else syslog( Level, "%s", msg ); #endif } /* Log_Resolver */