granicus.if.org Git - gc/commit
Suppress 'tainted string passed to vulnerable operation' false defects
author Ivan Maidanski <ivmai@mail.ru>
Tue, 15 Nov 2016 07:48:31 +0000 (10:48 +0300)
committer Ivan Maidanski <ivmai@mail.ru>
Sun, 27 Nov 2016 07:12:41 +0000 (10:12 +0300)
commit 0ae461eb775d276a24a34defd3312cb80e88d33a
tree 9ef8c94350f5a7b79495924f90bf1154a091d3eb
parent 2b05bf323e3c4d578d193b802836d161f6956733
Suppress 'tainted string passed to vulnerable operation' false defects

* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add
comment.
* misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by
TRUSTED_STRING.
* tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before
passing the string to execvp).
* tools/if_not_there.c (main): Declare "fname" local variable;
process argv[1] and argv[2] by TRUSTED_STRING (before passing the
strings to fopen/opendir and execvp, respectively).
include/private/gc_priv.h
misc.c
tools/if_mach.c
tools/if_not_there.c