1 Fix a potential security problem if the message log contained "%".
3 diff --git a/common/log.c b/common/log.c
4 index 7bbdfc0..4ed2adf 100644
7 @@ -160,13 +160,13 @@ log_message(struct log_config* l_cfg, const unsigned int lvl, const char* msg, .
8 if (l_cfg->enable_syslog && (lvl <= l_cfg->log_level))
11 - syslog(log_xrdp2syslog(lvl), buff + 20);
12 + syslog(log_xrdp2syslog(lvl), "%s", buff + 20);
15 if (lvl <= l_cfg->log_level)
18 - g_printf((char*)buff);
19 + g_printf("%s", (char*)buff);
21 /* log to application logfile */
22 #ifdef LOG_ENABLE_THREAD