]> granicus.if.org Git - gc/commit
projects / gc / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 020538b) | patch
Suppress 'tainted string passed to vulnerable operation' false defects
authorIvan Maidanski <ivmai@mail.ru>
Tue, 15 Nov 2016 07:48:31 +0000 (10:48 +0300)
committerIvan Maidanski <ivmai@mail.ru>
Mon, 6 Feb 2017 18:58:51 +0000 (21:58 +0300)
commit2f7c8923cdb624bef4a52c481864c45efc0d6069
tree15089ae71a096767908ae5d318382dab5258ea01tree | snapshot
parent020538bc95ef65d3fb1ce2c3be13eac24baea05ccommit | diff
Suppress 'tainted string passed to vulnerable operation' false defects

* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add
comment.
* misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by
TRUSTED_STRING.
* tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before
passing the string to execvp).
* tools/if_not_there.c (main): Declare "fname" local variable;
process argv[1] and argv[2] by TRUSTED_STRING (before passing the
strings to fopen/opendir and execvp, respectively).
include/private/gc_priv.h diff | blob | history
misc.c diff | blob | history
tools/if_mach.c diff | blob | history
tools/if_not_there.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.