#2722 sblim-gather fails to compile when "-Werror=format-security" flag is used

Code_Cleanup
closed-fixed
nobody
None
gather
5
2014-10-10
2014-02-04
No

Hello,

sblim-gather fails to compile with GCC when the "-Werror=format-security" flag is used. This is because of the use of fprintf/sprintf/printf functions where the format string is not a string literal and there are no format arguments. This may be a security hole if the format string came from untrusted input and contains %n.

Attached patch fixes this issue.

1 Attachments
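The pattern the report describes, next to its usual fix, as an added example that is not taken from the attached patch or the sblim-gather sources. `log_fmt`, `log_before` and `log_after` are hypothetical names, and the constructed input contains only `%%`, which consumes no arguments, so the behaviour stays defined.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical logging helper (not from sblim-gather). The format attribute
 * makes GCC/Clang apply the same -Wformat-security check to its callers
 * that they apply to printf/fprintf/sprintf. */
__attribute__((format(printf, 3, 4)))
static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* BEFORE: the message itself is used as the format string, with no format
 * arguments. This is the call shape -Werror=format-security rejects; the
 * diagnostic is silenced here only so the example still builds. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
static int log_before(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, msg);
}
#pragma GCC diagnostic pop

/* AFTER: the format is a string literal and the message is only data. */
static int log_after(char *out, size_t n, const char *msg)
{
    return log_fmt(out, n, "%s", msg);
}

int main(void)
{
    const char *msg = "disk 100%% full"; /* constructed sample input */
    char a[64], b[64];
    log_before(a, sizeof a, msg); /* "%%" is interpreted as a directive */
    log_after(b, sizeof b, msg);  /* message is copied byte for byte */
    printf("before: %s\nafter:  %s\n", a, b);
    return 0;
}
```

The differing outputs show that the "before" form parses the message as directives. With `%s`, `%x` or `%n` in that position the call would read or write through arguments that were never passed.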

Discussion

  • Dave Heller

    Dave Heller - 2014-02-09

    Looks good, thanks. I also updated the makefile so that the flag is included in the default CFLAGS, to prevent future problems.

    Commit [544dde]

     


  • Dave Heller

    Dave Heller - 2014-02-09
    • status: open --> pending-fixed
     
  • Dave Heller

    Dave Heller - 2014-10-10
    • status: pending-fixed --> closed-fixed
     
