4015 – invalid printf(ptr); on applets/usage_pod.c

Bug 4015 - invalid printf(ptr); on applets/usage_pod.c

Summary: invalid printf(ptr); on applets/usage_pod.c

Status:	RESOLVED INVALID

Alias:	None

Product:	Busybox
Classification:	Unclassified
Component:	Standard Compliance (show other bugs)
Version:	unspecified
Hardware:	All Linux

Importance:	P5 minor
Target Milestone:	---
Assignee:	unassigned

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-07-28 07:26 UTC by Ilya
Modified:	2011-09-10 15:13 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ilya 2011-07-28 07:26:36 UTC

Good time of day,

On module applets/usage_pod.c, there is invalid printf() call w/ raw string pointer as format. 

  on 1.18-stable it look like 

     printf(usage_array[i].aname);

(applets/usage_pod.c:74)

This method (causes resonable compiler warnings) is used with no visible reason (and/or comments) - there is no any post-format arguments. It's not quite exploitable as security hole (because uses compiled-in string array), but that isn't makes it less ugly.

I would switch it with "printf("%s", ptr);" or "fputs(ptr, stdout);", which both, though, take more .text memory.

Kind regards.

Comment 1 Denys Vlasenko 2011-07-29 16:39:24 UTC

(In reply to comment #0)
> I would switch it with "printf("%s", ptr);" or "fputs(ptr, stdout);"

Not a good idea -

> which both, though, take more .text memory.

Exactly.

Comment 2 Ilya 2011-08-11 14:11:24 UTC

In that event, this, probably, should be well commented on ?

Comment 3 Denys Vlasenko 2011-09-10 15:13:21 UTC

Not a bug. (Need to find a way to shut gcc up)...