Fixed a bug that could case a root exploit when the daemon is compiled

to do IDENT lookups and is logging to syslog. Bug discovered by CoKi,
<coki@nosystem.com.ar>, thanks a lot! [from HEAD.]
(http://www.nosystem.com.ar/advisories/advisory-11.txt)

diff --git a/ChangeLog b/ChangeLog
index 9f6daf924f3bf2fd5866e13e6fc021884b707fc3..379a4e0035672d2775b56e2202cb9766856a4c78 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,13 @@
                                -- ChangeLog --
 
 
                                -- ChangeLog --
 
 

+ngIRCd 0.8.x
+
+  - Fixed a bug that could case a root exploit when the daemon is compiled
+    to do IDENT lookups and is logging to syslog. Bug discovered by CoKi,
+    <coki@nosystem.com.ar>, thanks a lot!
+    (http://www.nosystem.com.ar/advisories/advisory-11.txt)
+

 ngIRCd 0.8.2 (2005-01-26)
 
   - Added doc/SSL.txt to distribution.
 ngIRCd 0.8.2 (2005-01-26)
 
   - Added doc/SSL.txt to distribution.


@@ -554,4 +561,4 @@ ngIRCd 0.0.1, 31.12.2001
 
 
 -- 
 
 
 -- 

-$Id: ChangeLog,v 1.233.2.18 2005/02/03 09:20:58 alex Exp $
+$Id: ChangeLog,v 1.233.2.19 2005/02/03 09:27:09 alex Exp $

diff --git a/src/ngircd/log.c b/src/ngircd/log.c
index 794ff0acfbb3ed02ee4aaeccf2f38cca3bc323a2..dd7611e4b1d0de8fa0e49848ca44e573d855e7b8 100644 (file)
--- a/src/ngircd/log.c
+++ b/src/ngircd/log.c
@@ -14,7 +14,7 @@
 
 #include "portab.h"
 
 
 #include "portab.h"
 

-static char UNUSED id[] = "$Id: log.c,v 1.44.2.3 2004/06/26 09:06:27 alex Exp $";
+static char UNUSED id[] = "$Id: log.c,v 1.44.2.4 2005/02/03 09:27:09 alex Exp $";

 
 #include "imp.h"
 #include <assert.h>
 
 #include "imp.h"
 #include <assert.h>


@@ -269,7 +269,7 @@ va_dcl
                fflush( stdout );
        }
 #ifdef SYSLOG
                fflush( stdout );
        }
 #ifdef SYSLOG

-       else syslog( Level, msg );
+       else syslog( Level, "%s", msg );

 #endif
 } /* Log_Resolver */
 
 #endif
 } /* Log_Resolver */