Re: [xml] Review of xmlGenericError use
- From: Daniel Veillard <veillard redhat com>
- To: Justin Fletcher <justin fletcher ntlworld com>
- Cc: xml gnome org
- Subject: Re: [xml] Review of xmlGenericError use
- Date: Sat, 27 Oct 2001 12:10:57 -0400
On Sat, Oct 27, 2001 at 02:07:22PM +0100, Justin Fletcher wrote:
I'm looking through these because... well, I thought it was a good idea
to check that they were valid and had a few spare minutes which I decided
to use on this...
xmlGenericError(xmlGenericErrorContext, "error: ");
if (str != NULL)
Should have the third line saying :
xmlGenericError(xmlGenericErrorContext, "%s", str);
because str is the formatted form and may contain %'s from the users
input embedded in the formatted version.
Yep, it's BAAAD, and there is a few places where the convention are not
Other parts of this file have similar problems.
[diffs attached as error.diff]
nanoftp.c:759 (and others) have a very similar issue for user names,
passwords, and a few other bits;
[diffs attached as nanoftp/diff]
thanks for the diff, I gonna appy them ASAP,
I couldn't find any similar problems in libxslt.
I couldn't find any problems with the sax->error(context, format...) calls,
Please understand that this was a /really/ quick look through the code for
this problem, so I may have missed some places.
There might be a few other places, thanks a lot !
Daniel Veillard | Red Hat Network http://redhat.com/products/network/
veillard redhat com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
] [Thread Prev