[Bug 4015] New: invalid printf(ptr); on applets/usage_pod.c

bugzilla at busybox.net bugzilla at busybox.net
Thu Jul 28 07:26:37 UTC 2011


           Summary: invalid printf(ptr); on applets/usage_pod.c
           Product: Busybox
           Version: unspecified
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: Standard Compliance
        AssignedTo: unassigned at busybox.net
        ReportedBy: semibiotic at mail.ru
                CC: busybox-cvs at busybox.net
   Estimated Hours: 0.0

Good time of day,

On module applets/usage_pod.c, there is invalid printf() call w/ raw string
pointer as format. 

  on 1.18-stable it look like 



This method (causes resonable compiler warnings) is used with no visible reason
(and/or comments) - there is no any post-format arguments. It's not quite
exploitable as security hole (because uses compiled-in string array), but that
isn't makes it less ugly.

I would switch it with "printf("%s", ptr);" or "fputs(ptr, stdout);", which
both, though, take more .text memory.

Kind regards.

Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the busybox-cvs mailing list