bool CAsyncSslSocketLayer::CreateSslCertificate(....)
{
  ....
  char buffer[1001];
  int len;
  while ((len = pBIO_read(bio, buffer, 1000)) > 0)
  {
    buffer[len] = 0;
    fprintf(file, buffer);
  }
  ....
}

This suspicious code was found in the WinSCP project by the PVS-Studio static code analyzer.

The warning message is:

V618 It's dangerous to call the 'fprintf' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); asyncsslsocketlayer.cpp 2247

PVS-Studio is a static analyzer for detecting bugs in the source code of applications written in C, C++, C++11, C++/CX. Site: http://www.viva64.com/en/pvs-studio/
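
A hardened form of the read/write loop flagged above, as an added example (not WinSCP's code and not the project's actual fix). The names mem_src, mem_read, copy_verbatim and roundtrip_ok are hypothetical, and the memory reader stands in for the BIO so the block runs without OpenSSL. fprintf(file, "%s", buffer) is the form the warning suggests; fwrite() is used here because it also preserves embedded zero bytes.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the BIO in the pasted code: a read cursor over memory. */
struct mem_src { const char *data; size_t len, pos; };

/* Same contract as the pBIO_read() call above: bytes copied, 0 at end of data. */
static int mem_read(struct mem_src *s, char *out, int max)
{
    size_t left = s->len - s->pos;
    size_t n = left < (size_t)max ? left : (size_t)max;
    memcpy(out, s->data + s->pos, n);
    s->pos += n;
    return (int)n;
}

/* Hardened loop: bytes are copied as data, never parsed as a format string.
 * fwrite() takes an explicit length, so no terminator byte is needed.
 * Returns the total number of bytes written, or -1 on a short write. */
static long copy_verbatim(struct mem_src *src, FILE *file)
{
    char buffer[1000];
    long total = 0;
    int len;
    while ((len = mem_read(src, buffer, (int)sizeof buffer)) > 0) {
        if (fwrite(buffer, 1, (size_t)len, file) != (size_t)len)
            return -1;
        total += len;
    }
    return total;
}

/* Constructed check: writes input that contains conversion specifiers to a
 * temporary file and confirms it reads back byte for byte. Returns 1 on match. */
static int roundtrip_ok(const char *input, size_t n)
{
    struct mem_src src = { input, n, 0 };
    char back[256];
    if (n > sizeof back) return 0;
    FILE *f = tmpfile();
    if (f == NULL) return 0;
    long written = copy_verbatim(&src, f);
    rewind(f);
    size_t got = fread(back, 1, sizeof back, f);
    fclose(f);
    return written == (long)n && got == n && memcmp(back, input, n) == 0;
}
```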