[Vm-dev] Issue 129 in cog: Bad use of print() in cogit.c

Eliot Miranda eliot.miranda at gmail.com
Mon Apr 22 17:57:09 UTC 2013


On Sun, Apr 21, 2013 at 8:50 AM, <cog at googlecode.com> wrote:

>
> Status: New
> Owner: ----
> Labels: Type-Defect Priority-Medium
>
> New issue 129 by damien.c... at gmail.com: Bad use of print() in cogit.c
> http://code.google.com/p/cog/issues/detail?id=129
>
> When using printf(), we should always make sure that the first argument is
> a literal (for security reasons). There is one line where this is not true
> in cogit.c, see this patch
> https://github.com/pharo-project/pharo-vm-ubuntu/blob/0b2b2c4e9a384107dfc4a4e19f396ec4aab8f2f7/debian/patches/source-hardening.patch


Bollocks.


>
>
> --
> You received this message because this project is configured to send all
> issue notifications to this address.
> You may adjust your notification preferences at:
> https://code.google.com/hosting/settings
>



-- 
best,
Eliot