Re: error: format not a string literal and no format arguments



On Sun, 2008-07-06 at 09:49 -0400, Colin Walters wrote:
> On Sun, 2008-07-06 at 02:40 +0100, Alexander Jones wrote:
> 
> > Yeah, I could just use -Wleave-me-alone-ffs or something, but it's
> > probably worth considering this properly.
> 
> No, it should be a hard-stop error because in many instances it's a
> security flaw if the input string is in any way controlled by a
> potential attacker:
> http://en.wikipedia.org/wiki/Format_string_vulnerabilities

For what it's worth I just fixed the ones I saw in the rhythmbox
code. 

From a quick evaluation I didn't see any that were obviously controlled
by a potential attacker (e.g. downloaded filenames, network input), but
I'm less sure that the strings couldn't have format specifiers in them
and likely that would be a segfault at least.
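
The pattern this warning flags and its fix, as an added example that is not part of the original message or the rhythmbox code. The helper names `count_conversions` and `format_title` and the sample title are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical audit helper: counts printf conversion specifications in s.
   "%%" is a literal percent sign and consumes no argument, so it is skipped.
   Any non-zero result means the string is unsafe to use as a format. */
size_t count_conversions(const char *s)
{
    size_t n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent, not a conversion */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

/* The call that triggers "format not a string literal and no format
   arguments" uses the data itself as the format. It is kept as a comment
   so this file still builds with -Werror=format-security:
       snprintf(out, outlen, title);
   The fix is a constant format with the data passed as an argument. */
int format_title(char *out, size_t outlen, const char *title)
{
    return snprintf(out, outlen, "%s", title);
}

int main(void)
{
    /* Constructed sample: a title that happens to contain '%'. */
    const char *title = "100%s live %d remix";
    char buf[64];

    format_title(buf, sizeof buf, title);
    printf("conversions found: %zu\n", count_conversions(title));
    printf("formatted safely:  %s\n", buf);
    return 0;
}
```

With the constant `"%s"` format the title is copied byte for byte, so specifiers inside it are never interpreted and no missing arguments are read.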




