From 601a6d955f3958875599796d5745b2780f7a6bfe Mon Sep 17 00:00:00 2001
From: Fritz Elfert <felfert@to.com>
Date: Mon, 3 Feb 2003 00:56:52 +0000
Subject:  - Fixed 4 more possible formatstring exploits.

---
 lib/log.cc            | 2 +-
 plpprint/plpprintd.cc | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/log.cc b/lib/log.cc
index 321de6a..fada4f5 100644
--- a/lib/log.cc
+++ b/lib/log.cc
@@ -37,7 +37,7 @@ int logbuf::overflow(int c) {
 	*ptr++ = '\n';
 	*ptr = '\0';
 	if (_on)
-	    syslog(_level, buf);
+	    syslog(_level, "%s", buf);
 	else if (_fd != -1)
 	    write(_fd, buf, len + 1);
 	ptr = buf;
diff --git a/plpprint/plpprintd.cc b/plpprint/plpprintd.cc
index e68525a..5898d64 100644
--- a/plpprint/plpprintd.cc
+++ b/plpprint/plpprintd.cc
@@ -91,7 +91,7 @@ debuglog(char *fmt, ...)
     if (debug)
 	cout << buf << endl;
     else
-	syslog(LOG_DEBUG, buf);
+	syslog(LOG_DEBUG, "%s", buf);
     free(buf);
     return 0;
 }
@@ -104,7 +104,7 @@ errorlog(char *fmt, ...)
     if (debug)
 	cerr << buf << endl;
     else
-	syslog(LOG_ERR, buf);
+	syslog(LOG_ERR, "%s", buf);
     free(buf);
     return 0;
 }
@@ -117,7 +117,7 @@ infolog(char *fmt, ...)
     if (debug)
 	cout << buf << endl;
     else
-	syslog(LOG_INFO, buf);
+	syslog(LOG_INFO, "%s", buf);
     free(buf);
     return 0;
 }
-- 
cgit v1.2.3