My favorites | Sign in
Project Home Downloads Wiki Issues Code Search
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 37042: Security: fprintf no validation of module where does module come from? If it comes from the user it could be bad
1 person starred this issue and may be notified of changes. Back to list
Status:  Invalid
Owner:  ----
Closed:  Feb 2013

Restricted
  • Only users with Commit permission may comment.


Sign in to add a comment
 
Reported by mparsons...@gmail.com, Feb 28, 2010 
 Line 247 in C:\chromiumtrunk\home\chrome-
svn\tarball\chromium\src\third_party\codesighs\nmtsv.c   


 **  Module name, segment.
            */
            fprintf(inOptions->mOutput, "%s\t", module);
            fprintf(inOptions->mOutput, "%c\t", toupper(*type));

            /*
            **  Origin
            */





Matt Parsons, MSM, CISSP
315-559-3588 Blackberry
817-294-3789 Home office 
"Do Good and Fear No Man"  
Fort Worth, Texas
A.K.A The Keyboard Cowboy
mailto:mparsons1980@gmail.com
http://www.parsonsisconsulting.com
http://www.o2-ounceopen.com/o2-power-users/
http://www.linkedin.com/in/parsonsconsulting
http://parsonsisconsulting.blogspot.com/
http://www.vimeo.com/8939668
Feb 28, 2010
#1 jschuh@chromium.org 
There's no visible security bugs in this report. You appear to be submitting bug 
reports containing output from an automated tool. Automated analysis tools generally 
have an extremely high false positive rate and require detailed manual follow-up to 
identify actual security bugs. So, please stop submitting these reports unless you've 
first confirmed that an actual bug exists.
Status: Invalid
Labels: -Restrict-View-SecurityTeam -Security -Pri-0
Oct 12, 2012
#2 bugdroid1@chromium.org 
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Owner: ---
Labels: Restrict-AddIssueComment-Commit
Mar 10, 2013
#3 bugdroid1@chromium.org 
(No comment was entered for this change.)
Labels: -Area-Undefined
Sign in to add a comment

Powered by Google Project Hosting