Subject: Re: [boost] Review - boost::log
From: Vladimir Prus (ghost_at_[hidden])
Date: 2010-03-14 17:50:55
On Sunday 14 March 2010 23:37:06 Scott McMurray wrote:
> On 14 March 2010 15:21, Tom Brinkman <reportbase2007_at_[hidden]> wrote:
> >> The printf style parameters are responsible for thousands and thousands of
> >> security vulnerabilities.
> >
> > Just plain wrong.
> >
>
> Some evidence for your position would be good, since it's trivial to
> find documentation of holes from printf-style parameters:
> http://en.wikipedia.org/wiki/Format_string_attack
I don't think that's a hole from printf-style parameters. By reading that
page it's trivial to notice that the %n format specifier -- which
actually writes something into the program -- is the key component of the attack.
Clearly a printf-like function that does not support any way to modify
program state is safe. Am I missing something?
Thanks,
Volodya
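
An added example, not part of the original message or of Boost.Log: a small C checker for printf-style format strings that counts how many variadic arguments a string would consume and how many `%n` writes it contains. Every conversion other than `%%` reads an argument, so a string that consumes more arguments than the caller passes is undefined behaviour even without `%n`. The names `audit_format` and `format_is_safe` are hypothetical and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

struct fmt_audit {
    int args;    /* variadic arguments the string would consume */
    int writes;  /* %n directives (each stores through a pointer argument) */
};

/* Walk %[flags][width][.precision][length]conversion directives.
 * Returns 0 on success, -1 on a truncated or unrecognised directive
 * (POSIX positional forms such as %1$d are rejected as unrecognised). */
int audit_format(const char *fmt, struct fmt_audit *out)
{
    out->args = out->writes = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (*++p == '%') continue;                    /* literal percent sign */
        p += strspn(p, "-+ #0");                      /* flags */
        if (*p == '*') { out->args++; p++; }          /* width taken from an int argument */
        else p += strspn(p, "0123456789");
        if (*p == '.') {
            p++;
            if (*p == '*') { out->args++; p++; }      /* precision taken from an argument */
            else p += strspn(p, "0123456789");
        }
        p += strspn(p, "hljztL");                     /* length modifiers, accepted leniently */
        if (*p == '\0' || !strchr("diouxXeEfFgGaAcspn", *p))
            return -1;
        if (*p == 'n') out->writes++;
        out->args++;                                  /* every conversion consumes one argument */
    }
    return 0;
}

/* Policy: no %n, and exactly as many directives as arguments supplied. */
int format_is_safe(const char *fmt, int supplied_args)
{
    struct fmt_audit a;
    return audit_format(fmt, &a) == 0 && a.writes == 0 && a.args == supplied_args;
}

int main(void)
{
    /* Constructed sample format strings. */
    const char *samples[] = { "user=%s id=%d", "%x %x %x %x", "%n", "100%% done" };
    for (int i = 0; i < 4; i++) {
        struct fmt_audit a;
        int rc = audit_format(samples[i], &a);
        printf("%-16s rc=%d args=%d writes=%d\n", samples[i], rc, a.args, a.writes);
    }
    return 0;
}
```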