Add flawfinder warnings
This serves as a way to document them until a fix is implemented.
Neved4 committed Nov 17, 2024
1 parent 5e3d91b commit d72b6f9
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions asprintf.c
@@ -1,14 +1,17 @@
#include <stdio.h>
#include <stdlib.h>

#include "asprintf.h"

#define MY_FORMAT "%d - %s"

int vasprintf(char **strp, const char *fmt, va_list ap) {
int size, res;

va_list cp;
va_copy(cp, ap);

// FlawFinder: disable check for controlled format string vulnerability (CWE-134)
size = vsnprintf(NULL, 0, fmt, cp);

va_end(cp);
if (size < 0)
return -1;
Expand All @@ -17,18 +20,18 @@ int vasprintf(char **strp, const char *fmt, va_list ap) {
if (*strp == NULL)
return -1;

// FlawFinder: disable check for controlled format string vulnerability (CWE-134)
res = vsnprintf(*strp, size + 1, fmt, ap);

if (res < 0) {
free(*strp);
return -1;
}

return res;
}

int asprintf(char **s, const char *fmt, ...) {
int ret;

va_list ap;
va_start(ap, fmt);
ret = vasprintf(s, fmt, ap);
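Review bot: The two `// FlawFinder: ...` comments above the `vsnprintf` calls in `vasprintf` probably silence the CWE-134 finding rather than document it: as far as I know Flawfinder matches the `Flawfinder:` prefix case-insensitively and treats any such directive as an ignore for the following line, so the hits would drop out of the report while the commit message says a fix is still pending. If the warning is meant to stay visible, word the comment without the directive prefix, e.g. `/* CWE-134: fmt is caller-controlled; callers must pass a literal format string */`, and confirm with a `--neverignore` run. `MY_FORMAT` is not referenced in any visible line and looks droppable. For a wrapper like this the useful check sits on the prototypes in `asprintf.h` (not shown, nor are the lines of `vasprintf` between the two hunks): `__attribute__((format(printf, 2, 3)))` on `asprintf` and `__attribute__((format(printf, 2, 0)))` on `vasprintf` let GCC/Clang flag non-literal or mismatched formats at the call sites.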