Re: FormatGuard

From: James Antill (jamesat_private)
Date: Wed May 30 2001 - 09:35:42 PDT

  • Next message: Crispin Cowan: "Re: FormatGuard"

    Horst von Brand <vonbrandat_private> writes:
    
    > James Antill <jamesat_private> said:
    > 
    > [...]
    > 
    > >  The number will possibly be low, but each incident will probably be
    > > serious. I'm also not sure which version of gcc you're talking about,
    > > I'd heard that people were trying to get something in for gcc-3.0 but
    > > as far as I know it wouldn't be anything that would warn on one of the
    > > following cases...
    > > 
    > > 1.
    > > 
    > > const char *tmp = /* blah */;
    > > printf(tmp);
    > 
    > This is a way printf(3) is rarely used.
    
     Yes, it's usualy a bug but yes those bugs are usualy very bad
    security wise.
    
     It is also the only thing that FormatGuard protects against, are we
    having different conversations?
    
    -- 
    # James Antill -- jamesat_private
    :0:
    * ^From: .*james@and\.org
    /dev/null
    
    _______________________________________________
    Immunix-users mailing list
    Immunix-usersat_private
    http://mail.wirex.com/mailman/listinfo/immunix-users
    



    This archive was generated by hypermail 2b30 : Wed May 30 2001 - 09:38:16 PDT