Re: [PATCH] Fix 'no format arguments found' warning

From: Kannan <kannanr_at_collab.net>
Date: Mon, 26 Oct 2009 16:59:27 +0530

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stefan Sperling wrote:
> On Mon, Oct 26, 2009 at 12:06:41PM +0100, Stefan Sperling wrote:
>> On Mon, Oct 26, 2009 at 04:13:48PM +0530, Kannan wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>>
>>> Log:
>>> Resolve "format not a string literal and no format arguments found" warning.
>>>
>>> * subversion/libsvn_subr/io.c
>>> (do_io_file_wrapper_cleanup): Add the format specifier "%s", which
>>> fixes the warning.
>> We have those warnings all over the place, so if you want to fix
>> them all you're gonna be busy for a while.
>> But I'd love to see them fixed, because each of them is a possible
>> format-string vulnerability.

  The ones which appear in bulk are "format not a string literal,
  argument types not checked" whereas the one(the only one found AFAIK)
  fixed here is that of "format not a string literal and no format
  arguments found". Anyways need to fix them too.

> By the way, the proper way to fix this would be to make a list of all
> functions used by Subversion which accept a format string, and then go
> through this list and check every occurance of each function throughout
> the entire code base (grep is your friend).
> Once that is done, we need to review all commits as they come in for
> changes re-introducing the anti-pattern of passing a buffer where a format
> string is expected.
>
> Just relying on the compiler to warn about this could be a bad idea.

+1. Herewith I've attached the updated patch as per your comments.

- --
Regards,
Kannan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBSuWIFnlTqcY7ytmIAQKiJwf+J+Nn/0REHSNvecj2pcb8wYPhKiiE7dER
ZQL90XlNPkE0TPt7jw9OwE52eB658//nWCSNrCKDnQJb8fOrdu+8nnlOuX4dRCAe
edJeRJIJlSxJGr8e8GK93yCNZ3dcXhkvQohiCk4hrIdRtnI+8hNFNwHKeFIly/Hn
cm6zt10wqyjGPxn0A7ikSzkanmux8O80c2ZUlcRFio2ir8DqCB47wNPmxWtxavsQ
iCk868/+57eRof7XZIelgc6u+1hYMpQmYnHdKoDD38Wqvaf4TOzGi827NwipqCBt
zd9fVsa+Hgdf//FEoVZljI8rv4i/HrXWkezRYspzKrNaP2679NxVBw==
=K/ZF
-----END PGP SIGNATURE-----

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2411350

text/x-diff attachment: fix-no_format_arg.patch

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on 2009-10-26 12:29:52 CET

This message: [ Message body ]
Next message: Bhuvaneswaran A: "Re: [PATCH] Include milliseconds in test report"
Previous message: Stefan Sperling: "Re: [PATCH] Fix 'no format arguments found' warning"
In reply to: Stefan Sperling: "Re: [PATCH] Fix 'no format arguments found' warning"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]