FTBFS if "-Werror=format-security" flag is used
Ian Pilcher
arequipeno at gmail.com
Wed Dec 4 23:11:16 UTC 2013
On 12/04/2013 04:56 PM, Brendan Jones wrote:
> Patching is not a problem. Unnecessary is the question. Explain to me
> (not you in particular Rahul) how these printf's can possibly be exploited?
char *output;
output = get_user_input(...);
printf(output);
What happens when the user enters %n?
--
========================================================================
Ian Pilcher arequipeno at gmail.com
Sent from the cloud -- where it's already tomorrow
========================================================================
More information about the devel
mailing list