flawfinder warnings in XML Extras

RESOLVED INVALID

Status

Core
XML
16 years ago
15 years ago

People

(Reporter: Heikki Toivonen (remove -bugzilla when emailing directly), Assigned: Ray Whitmer)

Tracking

Trunk

I ran flawfinder (http://www.dwheeler.com/flawfinder) on the Mozilla 1.0.1 branch.

flawfinder found 1 warning in XMLExtras code (1519).

If it is a false positive, comment here on why it is not an issue. If it is a real
issue, make a patch for it here and let's get it checked in.

In addition to checking the branch, also check the trunk.

The warning:

1519) extensions/xmlextras/soap/src/nsHTTPSOAPTransport.cpp:79 [4] (format)
printf: if format strings can be influenced by an attacker, they can be
exploited. Use a constant for the format specification.

Updated

16 years ago
Blocks: 148251
(Assignee)

Comment 1

16 years ago
This is not a real security problem.

In this case, printf is being called by a macro invocation, and one of the macro
arguments is being used in the format string.  Since the macro argument is
immediately followed by a string literal with no operation or function specified
in between, the compiler does string concatenation, and any attempt to pass
anything but a literal in as the macro argument will fail (except perhaps
extremely complicated cases where the user is trying to fool the macro).
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED
Verified. This call is robust and unlikely to be misused in the future.
Status: RESOLVED → VERIFIED
Group: security?
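
The string-literal concatenation that Comment 1 relies on, as an added example that is not part of the bug report or of Mozilla's code. `SOAP_LOG`, `log_header`, `log_raw` and the sample input are hypothetical names constructed here; the actual macro at nsHTTPSOAPTransport.cpp:79 is not shown on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical logging macro (assumption: not the macro used at
 * nsHTTPSOAPTransport.cpp:79). After expansion `fmt` sits between two
 * string literals, so the compiler concatenates all three into a single
 * constant format string. */
#define SOAP_LOG(out, n, fmt, ...) \
    snprintf((out), (n), "soap: " fmt "\n", __VA_ARGS__)

/* Untrusted text is passed as an argument to %s, never as the format. */
int log_header(char *out, size_t n, const char *untrusted)
{
    return SOAP_LOG(out, n, "header=%s", untrusted);
}

#if 0
/* Rejected at compile time: this expands to
 *     snprintf(out, n, "soap: " untrusted "\n", 0);
 * and an identifier between string literals is a syntax error.
 * A macro with a literal on only ONE side, e.g. printf(fmt "\n"), is weaker:
 * an argument such as `p ? p : "x"` would still compile, because the
 * trailing literal simply joins the "x". */
int log_raw(char *out, size_t n, const char *untrusted)
{
    return SOAP_LOG(out, n, untrusted, 0);
}
#endif

int main(void)
{
    char buf[64];
    /* Constructed sample input containing conversion specifiers. */
    int len = log_header(buf, sizeof buf, "%x%x");
    printf("%d bytes: %s", len, buf);  /* specifiers arrive as plain text */
    return 0;
}
```

Changing `#if 0` to `#if 1` makes the build fail, which is the compile-time guarantee the comment describes.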

Comment 3

16 years ago
1 more flawfinder warning for soap (4363). Reopening.

4363) extensions/xmlextras/soap/src/nsHTTPSOAPTransport.cpp:79 [4] (format)
printf: if format strings can be influenced by an attacker, they can be
exploited. Use a constant for the format specification.

Status: VERIFIED → REOPENED
Resolution: FIXED → ---
Duplicate warnings, closing again.
Status: REOPENED → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → INVALID

Updated

15 years ago
QA Contact: petersen → rakeshmishra