From: stefan <stefan@openbsd.org>
Date: Mon, 1 Aug 2016 16:32:10 +0000 (+0000)
Subject: Do not pass VM name directly to setproctitle format string.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=419a1970a57e08252234496f2b12827e24417a6e;p=openbsd

Do not pass VM name directly to setproctitle format string.

Use a secure idiom instead.
ok mlarkin@
---

diff --git a/usr.sbin/vmd/vmm.c b/usr.sbin/vmd/vmm.c
index 59403d59ec4..cb0af49f975 100644
--- a/usr.sbin/vmd/vmm.c
+++ b/usr.sbin/vmd/vmm.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vmm.c,v 1.34 2016/07/29 16:36:51 stefan Exp $	*/
+/*	$OpenBSD: vmm.c,v 1.35 2016/08/01 16:32:10 stefan Exp $	*/
 
 /*
  * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@@ -529,7 +529,7 @@ start_vm(struct imsg *imsg, uint32_t *id)
 		return (0);
 	} else {
 		/* Child */
-		setproctitle(vcp->vcp_name);
+		setproctitle("%s", vcp->vcp_name);
 		log_procinit(vcp->vcp_name);
 
 		create_memory_map(vcp);