On Wed, Dec 04, 2013 at 11:56:23PM +0100, Brendan Jones wrote: > Patching is not a problem. Unnecessary is the question. Explain to > me (not you in particular Rahul) how these printf's can possibly be > exploited?
Uhm, I just took a look at the hydrogen source. The problem with it is that it's not at all obvious that the f?printf calls can't lead to bad things happening. This is not a case of GCC failing to account for some trivial indirection. Fix it, please. Really, you should. Lars -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
