This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
[PATCH] gas/config/tc-score7.c: Use "%s" parameter instead of string parameter in sprintf().
- From: Chen Gang <gang dot chen dot 5i5j at gmail dot com>
- To: amodra at gmail dot com, matthew dot fortune at imgtec dot com, nickc at redhat dot com
- Cc: binutils at sourceware dot org, Andreas Schwab <schwab at linux-m68k dot org>, palves at redhat dot com
- Date: Wed, 04 Jun 2014 09:14:13 +0800
- Subject: [PATCH] gas/config/tc-score7.c: Use "%s" parameter instead of string parameter in sprintf().
- Authentication-results: sourceware.org; auth=none
sprintf() treat 2nd parameter as a string, and also recognize its'
special characters (e.g '%d'). If 'insnstr' may content special
characters in future, it may cause issue.
So recommend to use "%s" instead of. The related warning (build for
score-elf):
In file included from ../../binutils-gdb/gas/config/tc-score.c:25:0:
../../binutils-gdb/gas/config/tc-score7.c: In function ‘s7_parse_pce_inst’:
../../binutils-gdb/gas/config/tc-score7.c:5340:7: warning: format not a string literal and no format arguments [-Wformat-security]
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
---
gas/config/tc-score7.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gas/config/tc-score7.c b/gas/config/tc-score7.c
index 0a0db2d..0bae545 100644
--- a/gas/config/tc-score7.c
+++ b/gas/config/tc-score7.c
@@ -5337,7 +5337,7 @@ s7_parse_pce_inst (char *insnstr)
|| ((pec_part_1.size == s7_INSN16_SIZE) && (s7_inst.size == s7_INSN_SIZE)))
{
s7_inst.error = _("pce instruction error (16 bit || 16 bit)'");
- sprintf (s7_inst.str, insnstr);
+ sprintf (s7_inst.str, "%s", insnstr);
return;
}
--
1.9.2.459.g68773ac