]> asedeno.scripts.mit.edu Git - PuTTY.git/commitdiff
projects / PuTTY.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8ff3b22)
Fix format string vulnerabilities.
authorTim Kosse <tim.kosse@filezilla-project.org>
Fri, 1 May 2015 13:54:51 +0000 (15:54 +0200)
committerSimon Tatham <anakin@pobox.com>
Mon, 10 Aug 2015 19:03:41 +0000 (20:03 +0100)
Reported by Jong-Gwon Kim. Also fixes a few memory leaks in the
process.

unix/uxstore.c patch | blob | history

diff --git a/unix/uxstore.c b/unix/uxstore.c
index 411953ac1a6ff7bde8327beee7a50c9e1c81bdb7..51242eab1ad018fb6f344442ab3cbde2d82289ed 100644 (file)
--- a/unix/uxstore.c
+++ b/unix/uxstore.c
@@ -617,9 +617,8 @@ void store_host_key(const char *hostname, int port,
 
         dir = make_filename(INDEX_DIR, NULL);
         if (mkdir(dir, 0700) < 0) {
-            char *msg = dupprintf("Unable to store host key: mkdir(\"%s\") "
-                                  "returned '%s'", dir, strerror(errno));
-            nonfatal(msg);
+            nonfatal("Unable to store host key: mkdir(\"%s\") "
+                     "returned '%s'", dir, strerror(errno));
             sfree(dir);
             sfree(tmpfilename);
             return;
@@ -629,9 +628,8 @@ void store_host_key(const char *hostname, int port,
         wfp = fopen(tmpfilename, "w");
     }
     if (!wfp) {
-        char *msg = dupprintf("Unable to store host key: open(\"%s\") "
-                              "returned '%s'", tmpfilename, strerror(errno));
-        nonfatal(msg);
+        nonfatal("Unable to store host key: open(\"%s\") "
+                 "returned '%s'", tmpfilename, strerror(errno));
         sfree(tmpfilename);
         return;
     }
@@ -662,10 +660,9 @@ void store_host_key(const char *hostname, int port,
     fclose(wfp);
 
     if (rename(tmpfilename, filename) < 0) {
-        char *msg = dupprintf("Unable to store host key: rename(\"%s\",\"%s\")"
-                              " returned '%s'", tmpfilename, filename,
-                              strerror(errno));
-        nonfatal(msg);
+        nonfatal("Unable to store host key: rename(\"%s\",\"%s\")"
+                 " returned '%s'", tmpfilename, filename,
+                 strerror(errno));
     }
 
     sfree(tmpfilename);
@@ -704,10 +701,8 @@ void write_random_seed(void *data, int len)
     fd = open(fname, O_CREAT | O_WRONLY, 0600);
     if (fd < 0) {
         if (errno != ENOENT) {
-            char *msg = dupprintf("Unable to write random seed: open(\"%s\") "
-                                  "returned '%s'", fname, strerror(errno));
-            nonfatal(msg);
-            sfree(msg);
+            nonfatal("Unable to write random seed: open(\"%s\") "
+                     "returned '%s'", fname, strerror(errno));
             sfree(fname);
             return;
         }
@@ -715,10 +710,8 @@ void write_random_seed(void *data, int len)
 
        dir = make_filename(INDEX_DIR, NULL);
        if (mkdir(dir, 0700) < 0) {
-            char *msg = dupprintf("Unable to write random seed: mkdir(\"%s\") "
-                                  "returned '%s'", dir, strerror(errno));
-            nonfatal(msg);
-            sfree(msg);
+            nonfatal("Unable to write random seed: mkdir(\"%s\") "
+                     "returned '%s'", dir, strerror(errno));
             sfree(fname);
             sfree(dir);
             return;
@@ -727,10 +720,8 @@ void write_random_seed(void *data, int len)
 
        fd = open(fname, O_CREAT | O_WRONLY, 0600);
         if (fd < 0) {
-            char *msg = dupprintf("Unable to write random seed: open(\"%s\") "
-                                  "returned '%s'", fname, strerror(errno));
-            nonfatal(msg);
-            sfree(msg);
+            nonfatal("Unable to write random seed: open(\"%s\") "
+                     "returned '%s'", fname, strerror(errno));
             sfree(fname);
             return;
         }
@@ -739,10 +730,8 @@ void write_random_seed(void *data, int len)
     while (len > 0) {
        int ret = write(fd, data, len);
        if (ret < 0) {
-            char *msg = dupprintf("Unable to write random seed: write "
-                                  "returned '%s'", strerror(errno));
-            nonfatal(msg);
-            sfree(msg);
+            nonfatal("Unable to write random seed: write "
+                     "returned '%s'", strerror(errno));
             break;
         }
        len -= ret;
local copy of git://git.tartarus.org/simon/putty.git