OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: StackGuard with ... Re: [Paper] Format bugs.
From: Casper Dik (Casper.DikHOLLAND.SUN.COM)
Date: Mon Jul 24 2000 - 14:50:35 CDT

>The first thing to do is turn on the damn compiler warnings, because more
>and more compilers actually do check printf-like parameters for you. GNU C
>does this, as do numerous commercial compilers:
>
> $ cat test.c
> #include <stdio.h>
>
> int main(void)
> {
> printf("i = %d\n"); <--- missing parameter!
> }

And, e.g., Sun lint supports this too:

cat x.c
#include <stdio.h>
/* PRINTFLIKE1 */
extern setproctitle(const char *fmt, ...);

int main(int argc, char *argv[])
{
     printf("i = %d\n");
     setproctitle("%s");
     setproctitle(argv[0]);

}
% lint x.c
(12) warning: Function has no return statement : main

argument unused in function
    (6) argc in main

function falls off bottom without returning value
    (12) main

function returns value which is always ignored
    printf

too few arguments for format
    printf x.c(8)
    setproctitle x.c(9)

(Not setproctitle in Solaris, just an exampel of how
to declare such a function)

Of course, this shows a weakness too. Standard broken usage
such as "*printf(s)" doesnt' get flagged..

Casper