| Summary: | invalid printf(ptr); on applets/usage_pod.c | ||
|---|---|---|---|
| Product: | Busybox | Reporter: | Ilya <semibiotic> |
| Component: | Standard Compliance | Assignee: | unassigned |
| Status: | RESOLVED INVALID | ||
| Severity: | minor | CC: | busybox-cvs |
| Priority: | P5 | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Host: | Target: | ||
| Build: | |||
(In reply to comment #0) > I would switch it with "printf("%s", ptr);" or "fputs(ptr, stdout);" Not a good idea - > which both, though, take more .text memory. Exactly. In that event, this, probably, should be well commented on ? Not a bug. (Need to find a way to shut gcc up)... |
Good time of day, On module applets/usage_pod.c, there is invalid printf() call w/ raw string pointer as format. on 1.18-stable it look like printf(usage_array[i].aname); (applets/usage_pod.c:74) This method (causes resonable compiler warnings) is used with no visible reason (and/or comments) - there is no any post-format arguments. It's not quite exploitable as security hole (because uses compiled-in string array), but that isn't makes it less ugly. I would switch it with "printf("%s", ptr);" or "fputs(ptr, stdout);", which both, though, take more .text memory. Kind regards.