Possibly exploitable, but tripe's admin interface isn't usually a
security boundary.
if (!q)
return;
if (strcmp(q, "WARN") == 0)
if (!q)
return;
if (strcmp(q, "WARN") == 0)
+ dolog(LOG_WARNING, "%s", p);
else if (strcmp(q, "TRACE") == 0)
else if (strcmp(q, "TRACE") == 0)
+ dolog(LOG_DEBUG, "%s", p);
else if (!(f & f_command))
dolog(LOG_ERR, "unexpected output `%s %s'", q, p);
else if (strcmp(q, "FAIL") == 0) {
else if (!(f & f_command))
dolog(LOG_ERR, "unexpected output `%s %s'", q, p);
else if (strcmp(q, "FAIL") == 0) {
if (logfp)
writelog("error", d.buf);
else if (logname)
if (logfp)
writelog("error", d.buf);
else if (logname)
- die(EXIT_FAILURE, d.buf);
+ die(EXIT_FAILURE, "%s", d.buf);
if (f & f_syslog)
syslog(LOG_ERR, "%s", d.buf);
dstr_destroy(&d);
if (f & f_syslog)
syslog(LOG_ERR, "%s", d.buf);
dstr_destroy(&d);