Date: Wed, 15 Aug 2001 14:01:49 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
To: Seth Kingsley <seth.kingsley@windriver.com>
Cc: Kris Kennaway <kris@obsecurity.org>, <obrien@FreeBSD.ORG>, <audit@FreeBSD.ORG>
Subject: Re: WFORMAT=1 errors
Message-ID: <20010815132535.A17665-100000@besplex.bde.org>
In-Reply-To: <20010814195628.F12506@meow.lab.nuxi.com>

On Tue, 14 Aug 2001, Seth Kingsley wrote:

> On Wed, Aug 15, 2001 at 11:47:55AM +1000, Bruce Evans wrote:
> > On Tue, 14 Aug 2001, Seth Kingsley wrote:
> > >
> > > struct shell_desc {
> > >     const char *echo_fmt;
> > > };
> > >
> > > static struct shell_desc sh_desc = {"echo \"%s\""};
> > >
> > > sprintf(cmd, sh_desc, echo_str);
> > >
> > > Is there any way around this?
> >
> > No (modulo bugs).  Format strings that have been constructed at runtime
> > (e.g., using sprintf(), or read from a message catalog) can't pass the
> > WFORMAT=1 checks, since a different construction might give buffer
> > overruns or arg mismatches.
>
> Argh, but this code snippet is clearly not in violation of those rules.

But it is.  shell_desc is a trivial message catalog which you happen never
to change.  In make/job.c, the message catalog is sometimes "read" from
shells[shellnum], but it is read from makefiles for the .SHELL directive!
See jobParseShell() and the make tutorial.

Bruce
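
Added example, not part of the original message and not code from make: a format string that arrives at runtime, as the .SHELL echo format does, is invisible to the compiler's format checks, so the program has to validate it itself before passing it to a printf-family call. The helper names fmt_is_single_s and build_echo_cmd and the sample format strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if fmt holds exactly one plain "%s" and no other conversion
 * ("%%" is allowed), 0 otherwise. Hypothetical helper for this example. */
static int fmt_is_single_s(const char *fmt)
{
    int count = 0;
    for (const char *p = fmt; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;                    /* look at the conversion character */
        if (*p == '%')
            continue;           /* literal percent sign */
        if (*p != 's')
            return 0;           /* "%d", "%n", "%5s" or a trailing '%' */
        count++;
    }
    return count == 1;
}

/* Builds the echo command from a runtime-supplied format.
 * Returns the length written, or -1 if the format is rejected or the
 * result would not fit in buf. Hypothetical helper for this example. */
static int build_echo_cmd(char *buf, size_t len, const char *fmt, const char *arg)
{
    int n;
    if (!fmt_is_single_s(fmt))
        return -1;
    /* Still a non-literal format: the compiler cannot check this call,
     * which is why the runtime check above and snprintf's bound matter. */
    n = snprintf(buf, len, fmt, arg);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return n;
}

int main(void)
{
    char cmd[64];
    /* Constructed sample formats, as a makefile might supply them. */
    const char *samples[] = { "echo \"%s\"", "echo %s %s", "echo %d",
                              "echo %n%s", "100%% %s" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int n = build_echo_cmd(cmd, sizeof cmd, samples[i], "hello");
        printf("%-14s -> %s\n", samples[i], n < 0 ? "rejected" : cmd);
    }
    return 0;
}
```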