Status: New Owner: ---- Labels: Type-Defect Priority-Medium
New issue 129 by damien.c...@gmail.com: Bad use of print() in cogit.c http://code.google.com/p/cog/issues/detail?id=129
When using printf(), we should always make sure that the first argument is a literal (for security reasons). There is one line where this is not true in cogit.c, see this patch https://github.com/pharo-project/pharo-vm-ubuntu/blob/0b2b2c4e9a384107dfc4a4...
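An added example (not from the report, the linked patch, or the Cog sources) of why the format argument should be a literal: the same text rendered once as the format string and once as data behind a literal "%s". The function names and the sample string are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* "Before": the caller's text is the format string, so any % in it is parsed.
 * Reported under -Wformat-security; silenced only for this contrast case. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
static int render_unsafe(char *out, size_t n, const char *msg)
{
    return snprintf(out, n, msg);
}
#pragma GCC diagnostic pop

/* "After": the format is a literal and the text is passed as data. */
static int render_safe(char *out, size_t n, const char *msg)
{
    return snprintf(out, n, "%s", msg);
}

/* A project's own printf-style wrapper: the format attribute lets the
 * compiler apply the same format checks to every caller. */
__attribute__((format(printf, 3, 4)))
static int render_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Returns 1 when the rendered output equals the input byte for byte. */
static int preserved(int (*render)(char *, size_t, const char *), const char *msg)
{
    char buf[128];
    render(buf, sizeof buf, msg);
    return strcmp(buf, msg) == 0;
}

int main(void)
{
    const char *msg = "progress: 100%% complete"; /* constructed; holds two '%' */
    char buf[64];
    render_fmt(buf, sizeof buf, "%s", msg);
    printf("unsafe=%d safe=%d\n", preserved(render_unsafe, msg), preserved(render_safe, msg));
    return 0;
}
```

Building with `-Wformat -Werror=format-security` turns the non-literal call into a compile error once the pragmas are removed.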
On Sun, Apr 21, 2013 at 8:50 AM, cog@googlecode.com wrote:
Status: New Owner: ---- Labels: Type-Defect Priority-Medium
New issue 129 by damien.c...@gmail.com: Bad use of print() in cogit.c http://code.google.com/p/cog/issues/detail?id=129
When using printf(), we should always make sure that the first argument is a literal (for security reasons). There is one line where this is not true in cogit.c, see this patch https://github.com/pharo-project/pharo-vm-ubuntu/blob/0b2b2c4e9a384107dfc4a4e19f396ec4aab8f2f7/debian/patches/source-hardening.patch
Bollocks.
Comment #1 on issue 129 by guillermopolito@gmail.com: Bad use of print() in cogit.c http://code.google.com/p/cog/issues/detail?id=129
Mirrored in https://pharo.fogbugz.com/default.asp?11386#82905
vm-dev@lists.squeakfoundation.org