This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: format string vulnerabilities in c++filt
- From: Alan Modra <amodra at bigpond dot net dot au>
- To: Chris Rohlf <chris dot rohlf at gmail dot com>
- Cc: binutils at sourceware dot org
- Date: Mon, 26 Nov 2007 12:23:33 +1030
- Subject: Re: format string vulnerabilities in c++filt
- References: <1681f2df0711220939p4af90e24n814ee0abf46bbf42@mail.gmail.com>
On Thu, Nov 22, 2007 at 12:39:09PM -0500, Chris Rohlf wrote:
> There are two format string vulnerabilities in c++filt program of binutils.
Fixed.
* cxxfilt.c (demangle_it): Don't call printf without format string.
Index: binutils/cxxfilt.c
===================================================================
RCS file: /cvs/src/src/binutils/cxxfilt.c,v
retrieving revision 1.14
diff -u -p -r1.14 cxxfilt.c
--- binutils/cxxfilt.c 5 Jul 2007 16:54:45 -0000 1.14
+++ binutils/cxxfilt.c 26 Nov 2007 01:52:18 -0000
@@ -63,12 +63,12 @@ demangle_it (char *mangled_name)
result = cplus_demangle (mangled_name + skip_first, flags);
if (result == NULL)
- printf (mangled_name);
+ printf ("%s", mangled_name);
else
{
if (mangled_name[0] == '.')
putchar ('.');
- printf (result);
+ printf ("%s", result);
free (result);
}
}
--
Alan Modra
Australia Development Lab, IBM