Date: Tue, 14 Aug 2001 20:25:52 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Bruce Evans <bde@zeta.org.au> Cc: Seth Kingsley <seth.kingsley@windriver.com>, Kris Kennaway <kris@obsecurity.org>, obrien@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: WFORMAT=1 errors Message-ID: <20010814202552.B44589@xor.obsecurity.org> In-Reply-To: <20010815113407.X17074-100000@besplex.bde.org>; from bde@zeta.org.au on Wed, Aug 15, 2001 at 11:47:55AM %2B1000 References: <20010814140659.C12506@meow.lab.nuxi.com> <20010815113407.X17074-100000@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--OwLcNYc0lM97+oe1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Aug 15, 2001 at 11:47:55AM +1000, Bruce Evans wrote: > No (modulo bugs). Format strings that have been constructed at runtime > (e.g., using sprintf(), or read from a message catalog) can't pass the > WFORMAT=1 checks, since a different construction might give buffer > overruns or arg mismatches. Actually, fmtcheck() can be used to sanitize variable format strings and silence the warning - but it isn't always convenient to use. For one thing, there isn't always a good default format string to use in case of format string/argument mismatch: I haven't thought of anything better to use in this case other than something like "Recovered format string error: %s %s %x" or similar :-/ Other common causes of the warning are using a switch() to format arguments of different types in different cases (fmt="%c", fmt="%x", fmt="%d" etc). Sometimes these cases can be rewritten to avoid the need to assign a format string variable, but it can also be inconvenient. It would be nice to be able to silence gcc in the cases where you know within the logic of the code that the format string can never be abused. Kris --OwLcNYc0lM97+oe1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7eevAWry0BWjoQKURAnXsAJ4vcUj6cVgrvy0zJO3c0dI6zJHa0wCfXE73 PI9daIo9jsT2uTUriVcUb2A= =WI5V -----END PGP SIGNATURE----- --OwLcNYc0lM97+oe1-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010814202552.B44589>