
[Xen-bugs] [Bug 1675] Build error tools/libxl/libxl.c "error: format not a string literal and no format arguments"



http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1675


kth3321@xxxxxxxxx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED
            Summary|Build error                 |Build error
                   |"tools/libxl/libxl.c"       |tools/libxl/libxl.c "error:
                   |                            |format not a string literal
                   |                            |and no format arguments"




------- Comment #2 from kth3321@xxxxxxxxx  2010-10-23 07:54 -------
This is a printf format error. Its warning message means a security flaw if the
input string is in any way controlled by a potential attacker.
http://en.wikipedia.org/wiki/Format_string_vulnerabilities

--- tools/libxl/libxl.c.org     2010-10-23 23:41:56.536698001 +0900
+++ tools/libxl/libxl.c 2010-10-23 23:43:55.044698000 +0900
@@ -3977,9 +3977,9 @@
         t = xs_transaction_start(ctx->xsh);

         xs_mkdir(ctx->xsh, t, libxl__sprintf(&gc, "/local/pool/%d", *poolid));
-        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "/local/pool/%d/uuid",
*poolid),
+        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "/local/pool/%d/uuid",
*poolid), "%s",
                  uuid_string);
-        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "/local/pool/%d/name",
*poolid),
+        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "/local/pool/%d/name",
*poolid), "%s",
                  name);

         if (xs_transaction_end(ctx->xsh, t, 0) || (errno != EAGAIN))
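Review bot: both `+` lines in this hunk are wrapped by the mailer (`*poolid), "%s",` starts a new line with no `+` prefix), so the patch will not apply as posted; resend it unwrapped or as an attachment. The change itself is the right one for the uuid and name writes: `uuid_string` and `name` are variables, and passing them as arguments to a constant `"%s"` keeps any `%` they contain from being interpreted as a conversion.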
@@ -4092,7 +4092,7 @@
         if (!vm_path)
             break;

-        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "%s/pool_name", vm_path),
poolname);
+        libxl__xs_write(&gc, t, libxl__sprintf(&gc, "%s/pool_name", vm_path),
"%s", poolname);

         if (xs_transaction_end(ctx->xsh, t, 0) || (errno != EAGAIN))
             break;
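Review bot: at the `pool_name` write the `"%s"` fix is correct, but the compiler diagnostic quoted in the bug title only fires when a non-literal format is passed with no further arguments, so it is worth checking the other `libxl__xs_write` and `libxl__sprintf` call sites in libxl.c by hand for a variable in the format position followed by arguments. The `+` line is also mailer-wrapped here, and the patch carries no description or Signed-off-by line, which it will need before it can be applied.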


-- 
Configure bugmail: 
http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-bugs
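
What the added `"%s"` changes at the call sites in the patch above, shown as an added example that is not part of the bug comment or of libxl. `store_write`, `write_name_unpatched`, `write_name_patched` and `stored_verbatim` are hypothetical names, and the sample pool name is constructed; it uses only `%%`, which consumes no argument, so the unpatched call stays well defined.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style store writer: as in the patched
 * calls, the argument after the path is a FORMAT string, not the value. */
static int store_write(char *out, size_t outlen, const char *path,
                       const char *fmt, ...)
{
    va_list ap;
    int n;

    (void)path;                 /* a real writer would use this as the key */
    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Pre-patch call shape: the caller's data is interpreted as the format. */
static int write_name_unpatched(char *out, size_t outlen, const char *name)
{
    return store_write(out, outlen, "/local/pool/0/name", name);
}

/* Post-patch call shape: constant "%s" format, data passed as an argument. */
static int write_name_patched(char *out, size_t outlen, const char *name)
{
    return store_write(out, outlen, "/local/pool/0/name", "%s", name);
}

/* Returns 1 if the stored value is byte-for-byte the caller's input. */
static int stored_verbatim(int patched, const char *name)
{
    char buf[64];

    if (patched)
        write_name_patched(buf, sizeof(buf), name);
    else
        write_name_unpatched(buf, sizeof(buf), name);
    return strcmp(buf, name) == 0;
}

int main(void)
{
    const char *name = "cpu-100%%-pool";   /* constructed sample input */

    printf("unpatched verbatim: %d\n", stored_verbatim(0, name));
    printf("patched verbatim:   %d\n", stored_verbatim(1, name));
    return 0;
}
```

With the unpatched shape the stored value silently differs from the input; conversions that do consume arguments would read values the caller never supplied, which is the case the compiler diagnostic exists to catch.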