Re: FTBFS if "-Werror=format-security" flag is used

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/05/2013 12:11 AM, Ian Pilcher wrote:

On 12/04/2013 04:56 PM, Brendan Jones wrote:

Patching is not a problem. Unnecessary is the question. Explain to me
(not you in particular Rahul) how these printf's can possibly be exploited?


   char *output;

   output = get_user_input(...);
   printf(output);

What happens when the user enters %n?
I remain unconvinced. Exploit my system with one of ams, aubio, hydrogen, jack-keyboard, phasex, portmidi or yoshimi. 

I just can't see it
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux