Horst von Brand <vonbrandat_private> writes: > James Antill <jamesat_private> said: > > [...] > > > The number will possibly be low, but each incident will probably be > > serious. I'm also not sure which version of gcc you're talking about, > > I'd heard that people were trying to get something in for gcc-3.0 but > > as far as I know it wouldn't be anything that would warn on one of the > > following cases... > > > > 1. > > > > const char *tmp = /* blah */; > > printf(tmp); > > This is a way printf(3) is rarely used. Yes, it's usualy a bug but yes those bugs are usualy very bad security wise. It is also the only thing that FormatGuard protects against, are we having different conversations? -- # James Antill -- jamesat_private :0: * ^From: .*james@and\.org /dev/null _______________________________________________ Immunix-users mailing list Immunix-usersat_private http://mail.wirex.com/mailman/listinfo/immunix-users
This archive was generated by hypermail 2b30 : Wed May 30 2001 - 09:38:16 PDT