This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: GCC extension for protecting applications from format stringattacks
- To: Richard Henderson <rth at redhat dot com>
- Subject: Re: GCC extension for protecting applications from format stringattacks
- From: Alan Modra <alan at linuxcare dot com dot au>
- Date: Fri, 6 Apr 2001 11:24:50 +1000 (EST)
- cc: Zack Weinberg <zackw at Stanford dot EDU>, Makoto Iwamura <iwamura at pb dot highway dot ne dot jp>, vuln-dev at securityfocus dot com, gcc-patches at gcc dot gnu dot org, etoh at jp dot ibm dot com
On Thu, 5 Apr 2001, Richard Henderson wrote:
> #define printf(FMT, ...) \
> xprintf(check_it(__VA_LIST__), (FMT), ## __VA_LIST__)
Then watch lots of programs break that do nasty things like
printf (
#if something
abc_string
#else
xyz_string
#endif
);
Yes, I know this code breaks standards as printf is explicitly allowed to
be a macro, and I know recent glibc defines printf as a macro, but....
Alan
--
Linuxcare