From owner-freebsd-audit Mon Aug 13 17:41:14 2001 Delivered-To: freebsd-audit@freebsd.org Received: from meow.lab.nuxi.com (meow.lab.nuxi.com [66.123.5.2]) by hub.freebsd.org (Postfix) with ESMTP id 5CF8E37B405; Mon, 13 Aug 2001 17:41:11 -0700 (PDT) (envelope-from sethk@meow.lab.nuxi.com) Received: (from sethk@localhost) by meow.lab.nuxi.com (8.11.4/8.11.2) id f7E0e1235221; Mon, 13 Aug 2001 17:40:01 -0700 (PDT) (envelope-from sethk) Date: Mon, 13 Aug 2001 17:40:01 -0700 From: Seth Kingsley To: Kris Kennaway , obrien@freebsd.org Cc: audit@freebsd.org Subject: Re: WFORMAT=1 errors Message-ID: <20010813174001.B33585@meow.lab.nuxi.com> References: <20010810182125.A47936@xor.obsecurity.org> <20010810194150.A71696@meow.lab.nuxi.com> <20010810202002.A49763@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="cvVnyQ+4j833TQvp" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010810202002.A49763@xor.obsecurity.org>; from kris@obsecurity.org on Fri, Aug 10, 2001 at 08:20:02PM -0700 Organization: Wind River Systems X-Operating-System: FreeBSD 4.3-STABLE i386 X-GPG-Key-ID: 1024D/5C413B08 X-GPG-Key-Fingerprint: F772 5D24 02B4 D233 90F5 080F 0F50 3298 5C41 3B08 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --cvVnyQ+4j833TQvp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 10, 2001 at 08:20:02PM -0700, Kris Kennaway wrote: > On Fri, Aug 10, 2001 at 07:41:50PM -0700, Seth Kingsley wrote: > > On Fri, Aug 10, 2001 at 06:21:26PM -0700, Kris Kennaway wrote: > > > In the meantime, does anyone feel like fixing some of > > > the following from usr.bin/ > >=20 > > I'll take usr.bin/make, I've been working on some other modernizations > > of it recently. >=20 > Excellent, thanks! I'm running into a problem here with format strings that are being used safely as pointers to string constants, but eliciting warnings because they are not literal string constants. The following test program should _not_ cause warnings because of a non-constant format. Unless I am misunderstanding the purpose of this kind of format parameter auditing, passing a pointer to string const should be perfectly acceptable. And as it is used in usr.bin/make, there is obviously no security issue with this. #include int main(void) { const char *fmt =3D "%s\n"; printf(fmt, "Hello World"); return 0; } I tried to modify /usr/src/contrib/gcc.295/c-common.c:check_format_info to test the qualifiers of the string passed instead of merely testing against it being a string constant. I could not discern how to trace the parse tree for the format parameter back to the qualifiers used in it's decleration. This is something that somebody else would be able to figure out much more readily. If David is not willing to look at this right now, then maybe I can appeal to the NetBSD people, where this type of warning option came from? --=20 || Seth Kingsley || Platforms Lab Opps || seth.kingsley@windriver.com || --cvVnyQ+4j833TQvp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7eHNhD1AymFxBOwgRAubDAJwIBZNe23B8AYF1U5M5/jp5KC0JkwCfbvj1 Dh0+XUfInmFuKUIvzF8FH1A= =tAbw -----END PGP SIGNATURE----- --cvVnyQ+4j833TQvp-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message