On Sun, 2019-03-17 at 19:06 +0100, Matteo Croce wrote: > #571590 added the '-f' argument to pidof, which allows to specify an > arbitrary format string for the PIDs. > Unfortunately this is broken, because passing plain user input to > printf() can easily exploited:
What's the attack vector here (making this an exploit rather than "just" a bug)? Wouldn't you need to have some process which was passing untrusted data directly to the `-f` argument, is that likely in the real world? Ian.
