> On Jul 10, 2015, at 1:07 PM, Steve Mills <[email protected]> wrote:
>
> Temporarily turn off the warning:
Yikes, don’t do that!! It’s like throwing away your smoke detector because the low-battery beeping bothers you, instead of replacing the battery.

TL;DR: The format string parameter to printf (and related functions) should ALWAYS be a string constant. (Except in odd cases if you really, really know what you’re doing.)

Format string vulnerabilities are really bad news. They used to be a major source of real-world exploits — bad ones that can allow malicious code execution — until software maintainers wised up and started fixing them. There was a hacking group circa 2006 that spent a month announcing one Mac OS security vulnerability every day; format string vulnerabilities were the largest single cause. That was when Apple started adding this type of warning to first GCC and then Clang.

Read up on them here: https://en.wikipedia.org/wiki/Uncontrolled_format_string

—Jens
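The rule above, as an added worked example that is not part of the thread or anyone's posted code: the two logging functions below show the pattern the compiler is warning about next to the one-character fix, and count_conversions is a small triage helper for checking whether data that reaches a format argument actually carries directives. Function names, the "login failed" message and the attacker string are all constructed for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Count printf-style conversion specifiers in s, treating "%%" as a literal
 * percent sign. If has_n is non-NULL it is set when a "%n" directive (which
 * WRITES to memory through a pointer argument) is present. Any non-zero
 * count in data that reaches a format argument means that call site is
 * attacker-controllable. */
size_t count_conversions(const char *s, bool *has_n) {
    size_t n = 0;
    if (has_n) *has_n = false;
    for (const char *p = s; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }     /* "%%" prints one '%' */
        n++;
        /* skip flags, width, precision and length modifiers to reach the
         * conversion character itself */
        const char *q = p + 1;
        while (*q && strchr("-+ #0123456789.*hlLqjzt", *q)) q++;
        if (*q == 'n' && has_n) *has_n = true;
        if (*q) p = q; else break;              /* lone '%' at end of string */
    }
    return n;
}

/* VULNERABLE: the user-supplied string IS the format string. "%x" dumps
 * words off the stack, "%s" dereferences them, "%n" writes to memory.
 * This is exactly what -Wformat-security flags. It is defined here only to
 * show the pattern; calling it with untrusted input is undefined behaviour,
 * so the demo below never invokes it. */
int log_message_unsafe(char *out, size_t cap, const char *user) {
    return snprintf(out, cap, user);
}

/* HARDENED: constant format, user data passed as an argument. Whatever
 * "%x%n" the attacker sends is now just bytes copied by %s. */
int log_message_safe(char *out, size_t cap, const char *user) {
    return snprintf(out, cap, "login failed for user: %s", user);
}

int main(void) {
    /* constructed attacker input: three stack reads and one memory write */
    const char *attacker = "%x.%x.%x.%n";
    bool writes;
    size_t n = count_conversions(attacker, &writes);
    printf("directives in input: %zu, contains %%n: %s\n",
           n, writes ? "yes" : "no");

    char buf[128];
    log_message_safe(buf, sizeof buf, attacker);
    printf("safe call produced: %s\n", buf);   /* the directives are inert */
    return 0;
}
```

Build with -Wformat -Wformat-security (Clang and modern GCC) and log_message_unsafe is the line that gets the warning; the fix is to make it look like log_message_safe, not to silence the diagnostic.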
Xcode-users mailing list ([email protected])
