This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: format string vulnerabilities in c++filt

From: Alan Modra <amodra at bigpond dot net dot au>
To: Chris Rohlf <chris dot rohlf at gmail dot com>
Cc: binutils at sourceware dot org
Date: Mon, 26 Nov 2007 12:23:33 +1030
Subject: Re: format string vulnerabilities in c++filt
References: <1681f2df0711220939p4af90e24n814ee0abf46bbf42@mail.gmail.com>

On Thu, Nov 22, 2007 at 12:39:09PM -0500, Chris Rohlf wrote:
> There are two format string vulnerabilities in c++filt program of binutils.

Fixed.

	* cxxfilt.c (demangle_it): Don't call printf without format string.

Index: binutils/cxxfilt.c
===================================================================
RCS file: /cvs/src/src/binutils/cxxfilt.c,v
retrieving revision 1.14
diff -u -p -r1.14 cxxfilt.c
--- binutils/cxxfilt.c	5 Jul 2007 16:54:45 -0000	1.14
+++ binutils/cxxfilt.c	26 Nov 2007 01:52:18 -0000
@@ -63,12 +63,12 @@ demangle_it (char *mangled_name)
   result = cplus_demangle (mangled_name + skip_first, flags);
 
   if (result == NULL)
-    printf (mangled_name);
+    printf ("%s", mangled_name);
   else
     {
       if (mangled_name[0] == '.')
 	putchar ('.');
-      printf (result);
+      printf ("%s", result);
       free (result);
     }
 }

-- 
Alan Modra
Australia Development Lab, IBM

References:
- format string vulnerabilities in c++filt
  - From: Chris Rohlf

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]