Re: FTBFS if "-Werror=format-security" flag is used

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/09/2013 03:33 PM, Przemek Klosowski wrote:
On 12/06/2013 09:21 AM, Ralf Corsepius wrote:

printf(string) is legitimate C, forcing "printf("%s", string) is just silly.

My apologies for being repetitive, but the original point is that printf(string) is insecure unless you can guarantee that you control 'string' now and forever. Also,  %s is the format for printing strings, so I just can't agree that coding printf("%s", string) is silly.

Silly is not the right word.  printf("%s", string) is inefficient.  In this case, it would be better to use puts/fputs.




-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux