On Mon, Oct 26, 2009 at 12:06:41PM +0100, Stefan Sperling wrote:
> On Mon, Oct 26, 2009 at 04:13:48PM +0530, Kannan wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> >
> > Log:
> > Resolve "format not a string literal and no format arguments found" warning.
> >
> > * subversion/libsvn_subr/io.c
> > (do_io_file_wrapper_cleanup): Add the format specifier "%s", which
> > fixes the warning.
>
> We have those warnings all over the place, so if you want to fix
> them all you're gonna be busy for a while.
> But I'd love to see them fixed, because each of them is a possible
> format-string vulnerability.
By the way, the proper way to fix this would be to make a list of all
functions used by Subversion which accept a format string, and then go
through this list and check every occurance of each function throughout
the entire code base (grep is your friend).
Once that is done, we need to review all commits as they come in for
changes re-introducing the anti-pattern of passing a buffer where a format
string is expected.
Just relying on the compiler to warn about this could be a bad idea.
Stefan
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2411347
Received on 2009-10-26 12:15:44 CET