source-changes: Re: CVS commit: basesrc

Subject: Re: CVS commit: basesrc
To: None <ad@netbsd.org>
From: Michael Eriksson <eramore@era-t.ericsson.se>
List: source-changes
Date: 07/13/2000 11:44:09

Andy Doran wrote:
> Module Name:	basesrc
> Committed By:	ad
> Date:		Thu Jul  6 14:01:07 UTC 2000
> 
> Modified Files:
> 	basesrc/sbin/atactl: atactl.c
> 
> Log Message:
> printf fmt string without %s, from OpenBSD.
> 
> 
> To generate a diff of this commit:
> cvs rdiff -r1.6 -r1.7 basesrc/sbin/atactl/atactl.c

bolle>cvs rdiff -r1.6 -r1.7 basesrc/sbin/atactl/atactl.c
Index: basesrc/sbin/atactl/atactl.c
diff -c basesrc/sbin/atactl/atactl.c:1.6 basesrc/sbin/atactl/atactl.c:1.7
*** basesrc/sbin/atactl/atactl.c:1.6    Sun Oct 31 18:30:58 1999
--- basesrc/sbin/atactl/atactl.c        Thu Jul  6 07:01:06 2000
***************
*** 1,4 ****
! /*    $NetBSD: atactl.c,v 1.6 1999/11/01 02:30:58 soren Exp $ */
  
  /*-
   * Copyright (c) 1998 The NetBSD Foundation, Inc.
--- 1,4 ----
! /*    $NetBSD: atactl.c,v 1.7 2000/07/06 14:01:06 ad Exp $    */
  
  /*-
   * Copyright (c) 1998 The NetBSD Foundation, Inc.
***************
*** 267,273 ****
  
        for (; binfo->bitmask != NULL; binfo++)
                if (bits & binfo->bitmask)
!                       printf(f, binfo->string);
  }
  
  /*
--- 267,273 ----
  
        for (; binfo->bitmask != NULL; binfo++)
                if (bits & binfo->bitmask)
!                       printf(f, "%s", binfo->string);
  }
  
  /*

That look bogus to me. Please observe that the format string is sent
in the f parameter to the print_bitinfo() function.

I don't think we should adopt all OpenBSD's "fixes" without checking
them. It's not unlikely that they have also introduced one or two new
bugs during their "security audit"...

-- 
Michael Eriksson <eramore@era-t.ericsson.se>
NO CARRIER