Closed Bug 148257 Opened 20 years ago Closed 20 years ago

flawfinder warnings in XUL C++ code

Categories

(Core :: XUL, defect)

Product:
Core
Component:
XUL
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: hjtoi-bugzilla, Assigned: hyatt)

References

(
URL
)

Details

Attachments

(1 file, 1 obsolete file)

I have cut out the obvious false positives and added some comments; please disregard the attachment above and use this one instead.
2.80 KB, text/html
Details 
I run flawfinder (http://www.dwheeler.com/flawfinder) on Mozilla 1.0.1 branch.

flawfinder found 42 warnings in XUL code (3619-3644 and 4595-4610). Go through
that list and for each warning:

* If it is false positive, comment here why it is not an issue
* If it is a real issue, make patch for it here and let's get them checked in

In addition the checking the branch, also check the trunk.

I will attach a subset of the URL that only has the XUL warnings since the full
file is behind NS firewall and it is so big.
Blocks: 148251
I verified all these myself. They're either sprintf with format "%d" and a
buffer of at least 50 characters (plenty), or they're sprintfs in DEBUG code.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → WORKSFORME
Group: security?
Component: XP Toolkit/Widgets: XUL → XUL
QA Contact: shrir → xptoolkit.widgets
You need to log in before you can comment on or make changes to this bug.