Re: mass bug filing for undefined sn?printf use

To: debian-devel@lists.debian.org
Subject: Re: mass bug filing for undefined sn?printf use
From: Steve Langasek <vorlon@debian.org>
Date: Sun, 28 Dec 2008 13:51:45 -0600
Message-id: <[🔎] 20081228195145.GB24765@dario.dodds.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20081228084246.GE12532@outflux.net>
References: <[🔎] 20081228084246.GE12532@outflux.net>

On Sun, Dec 28, 2008 at 12:42:46AM -0800, Kees Cook wrote:
> samba

Another false positive, AFAICS:

$   pcregrep -rM 'sprintf\s*\(\s*([^,]*)\s*,\s*"%s[^"]*"\s*,\s*\1\s*,' source
source/libads/kerberos.c:	fname = talloc_asprintf(dname, "%s/krb5.conf.%s", dname, domain);
$

Perhaps adding a \b to the front of the regexp would be appropriate?

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Reply to:

Follow-Ups:
- Re: mass bug filing for undefined sn?printf use
  - From: Kees Cook <kees@outflux.net>

References:
- mass bug filing for undefined sn?printf use
  - From: Kees Cook <kees@outflux.net>

Prev by Date: Re: "Debian women may leave due to 'sexist' post"
Next by Date: Re: "Debian women may leave due to 'sexist' post"
Previous by thread: Re: mass bug filing for undefined sn?printf use
Next by thread: Re: mass bug filing for undefined sn?printf use
Index(es):
- Date
- Thread