Horst von Brand <vonbrandat_private> writes: > Markus Friedl <markus.friedlat_private-erlangen.de> said: > > On Sun, May 27, 2001 at 02:50:43AM -0700, Crispin Cowan wrote: > > > WireX is pleased to announce the broad release of FormatGuard 1.0, the > > > latest member of the Immunix security tool suite. Similar to StackGuard > > > http://immunix.org/stackguard.html , FormatGuard provides run-time > > > protection against printf format string vulnerabilities > > > http://www.securityfocus.com/archive/1/81565 > > > nice. i asume that formatguard lead to the discovery of many format > > string bugs. do you have a list of problems discovered by formatguard? > > do you have a collection of bugfixes that can be shared with the > > public? > > For constant format strings, gcc will catch them if given correct > prototypes (i.e., when using glibc's headers). This will even catch errors > in functions that use the same format conventions (ginen the right > proptotypes), but have nothing else in common with printf and ilk. > So I suspect the number of errors caught is minor. The number will possibly be low, but each incident will probably be serious. I'm also not sure which version of gcc you're talking about, I'd heard that people were trying to get something in for gcc-3.0 but as far as I know it wouldn't be anything that would warn on one of the following cases... 1. const char *tmp = /* blah */; printf(tmp); 2. const char *tmp = "blah"; printf(tmp); ...the first possibly being bad, and the second being ok. The idea being that the new warning in gcc would just warn if the fmt argument wasn't inline (which may be useful but I'm not sure how many would add it). -- # James Antill -- jamesat_private :0: * ^From: .*james@and\.org /dev/null
This archive was generated by hypermail 2b30 : Tue May 29 2001 - 11:50:32 PDT