emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dont printf arguments given by user for security sanity

Browse Source
This commit is contained in:
Mike Frysinger
2006-03-23 02:07:20 +00:00
parent 64bef2ab9c
commit 948a09d6f2
4 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
util-linux/fdformat.c
View File

@ -85,7 +85,7 @@ int fdformat_main(int argc,char **argv)
/* R_OK is needed for verifying */
if (stat(*argv,&st) < 0 || access(*argv,W_OK | R_OK ) < 0) {
bb_perror_msg_and_die(*argv);
bb_perror_msg_and_die("%s",*argv);
}
if (!S_ISBLK(st.st_mode)) {
bb_error_msg_and_die("%s: not a block device",*argv);