Fix possible syslog() exploit

git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@335 91ce42f0-d328-0410-95d8-f526ca767f89

diff --git a/bacula/src/lib/message.c b/bacula/src/lib/message.c
index 6d708aa9b1815f9f8916ae6fd60e2d993c364d44..b64036bd76ed86ee96ad41ab3e5a77ee3603c420 100755 (executable)
--- a/bacula/src/lib/message.c
+++ b/bacula/src/lib/message.c
@@ -577,8 +577,10 @@ void dispatch_message(void *vjcr, int type, int level, char *msg)
                break;
             case MD_SYSLOG:
                 Dmsg1(400, "SYSLOG for collowing msg: %s\n", msg);
-               /* We really should do an openlog() here */
-               syslog(LOG_DAEMON|LOG_ERR, msg);
+               /*
+                * We really should do an openlog() here.  
+                */
+                syslog(LOG_DAEMON|LOG_ERR, "%s", msg);
                break;
             case MD_OPERATOR:
                 Dmsg1(400, "OPERATOR for collowing msg: %s\n", msg);