PATCH: string format errors

bug-groff

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PATCH: string format errors

From:	Paulo Ricardo Zanoni
Subject:	PATCH: string format errors
Date:	Thu, 19 Nov 2009 14:51:32 -0200

Hi.

Using "printf(string);" is dangerous, might lead to bugs and even
security issues. If the string being printed contains the "%" character
one can do really dangerous things. Even if you think the string in
question might not be dangerous, future code changes might lead that
piece of code to bugs or security holes.

Some distributions (like Mandriva) even compile all their sources with
the "-Wformat -Werror=format-security" GCC flag.

In most cases the patch is very simple: just replace "printf(string)"
with "printf("%s", string)". This is the case of Groff =)

The attached patch was made for the 1.20.1 version but also applies to
the current cvs checkout.

Some references:
http://wiki.mandriva.com/en/Development/Packaging/Problems#format_not_a_string_literal_and_no_format_arguments
http://wiki.debian.org/Hardening#DEBBUILDHARDENINGFORMAT.28gcc.2BAC8-g.2B-.2B--Wformat-Wformat-security.29
http://en.wikipedia.org/wiki/Format_string_attack

Thanks,
Paulo.

groff-1.20.1-string-format-error.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

PATCH: string format errors, Paulo Ricardo Zanoni <=
- Re: PATCH: string format errors, Werner LEMBERG, 2009/11/20

Prev by Date: footnote continues emptily to next page
Next by Date: Re: PATCH: string format errors
Previous by thread: footnote continues emptily to next page
Next by thread: Re: PATCH: string format errors
Index(es):
- Date
- Thread