ntp-format-security.patch

   1 diff -ur ntp-4.2.6p5/lib/isc/unix/ifiter_ioctl.c ntp-4.2.6p5.new/lib/isc/unix/ifiter_ioctl.c
   2 --- ntp-4.2.6p5/lib/isc/unix/ifiter_ioctl.c     2010-12-25 09:40:34.000000000 +0000
   3 +++ ntp-4.2.6p5.new/lib/isc/unix/ifiter_ioctl.c 2012-10-22 11:34:15.000000000 +0100
   4 @@ -159,7 +159,7 @@
   5                                 break;
   6                 }
   7                 if (iter->bufsize >= IFCONF_BUFSIZE_MAX) {
   8 -                       UNEXPECTED_ERROR(__FILE__, __LINE__,
   9 +                       UNEXPECTED_ERROR(__FILE__, __LINE__, "%s",
  10                                          isc_msgcat_get(isc_msgcat,
  11                                                         ISC_MSGSET_IFITERIOCTL,
  12                                                         ISC_MSG_BUFFERMAX,
  13 diff -ur ntp-4.2.6p5/ntpd/ntp_config.c ntp-4.2.6p5.new/ntpd/ntp_config.c
  14 --- ntp-4.2.6p5/ntpd/ntp_config.c       2012-10-22 11:43:38.000000000 +0100
  15 +++ ntp-4.2.6p5.new/ntpd/ntp_config.c   2012-10-22 11:38:02.000000000 +0100
  16 @@ -2334,7 +2334,7 @@
  17                 if ((RES_MSSNTP & flags) && !warned_signd) {
  18                         warned_signd = 1;
  19                         fprintf(stderr, "%s\n", signd_warning);
  20 -                       msyslog(LOG_WARNING, signd_warning);
  21 +                       msyslog(LOG_WARNING, "%s", signd_warning);
  22                 }
  23         }
  24  }
  25 diff -ur ntp-4.2.6p5/ntpd/ntp_control.c ntp-4.2.6p5.new/ntpd/ntp_control.c
  26 --- ntp-4.2.6p5/ntpd/ntp_control.c      2011-12-09 02:00:53.000000000 +0000
  27 +++ ntp-4.2.6p5.new/ntpd/ntp_control.c  2012-10-22 11:37:11.000000000 +0100
  28 @@ -2962,7 +2962,7 @@
  29                             " %s", str);
  30                 }
  31                 NLOG(NLOG_SYSEVENT)
  32 -                   msyslog(LOG_INFO, statstr);
  33 +                   msyslog(LOG_INFO, "%s", statstr);
  34         } else {
  35
  36                 /*
  37 @@ -2994,7 +2994,7 @@
  38                             " %s", str);
  39                 }
  40                 NLOG(NLOG_PEEREVENT)
  41 -                   msyslog(LOG_INFO, statstr);
  42 +                   msyslog(LOG_INFO, "%s", statstr);
  43         }
  44         record_proto_stats(statstr);
  45  #if DEBUG
  46 diff -ur ntp-4.2.6p5/ntpd/ntpd.c ntp-4.2.6p5.new/ntpd/ntpd.c
  47 --- ntp-4.2.6p5/ntpd/ntpd.c     2012-10-22 11:43:38.000000000 +0100
  48 +++ ntp-4.2.6p5.new/ntpd/ntpd.c 2012-10-22 11:39:33.000000000 +0100
  49 @@ -1242,7 +1242,7 @@
  50
  51         msyslog(LOG_ERR, "%s:%d: fatal error:", file, line);
  52         vsnprintf(errbuf, sizeof(errbuf), format, args);
  53 -       msyslog(LOG_ERR, errbuf);
  54 +       msyslog(LOG_ERR, "%s", errbuf);
  55         msyslog(LOG_ERR, "exiting (due to fatal error in library)");
  56
  57         abort();
  58 @@ -1264,7 +1264,7 @@
  59
  60         msyslog(LOG_ERR, "%s:%d: unexpected error:", file, line);
  61         vsnprintf(errbuf, sizeof(errbuf), format, args);
  62 -       msyslog(LOG_ERR, errbuf);
  63 +       msyslog(LOG_ERR, "%s", errbuf);
  64
  65         if (++unexpected_error_cnt == MAX_UNEXPECTED_ERRORS)
  66         {