```cpp
BOOL CPOFile::ParseFile(....)
{
  ....
  printf(File.getloc().name().c_str());
  ....
}
```
- "file%s%i%s.txt" - The file name that will ruin everything.
- This suspicious code was found in the TortoiseSVN project by the PVS-Studio static code analyzer.
- The warning message is:
- V618 It's dangerous to call the 'printf' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); pofile.cpp 158
- PVS-Studio is a static analyzer for detecting bugs in the source code of applications written in C, C++, C++11, C++/CX. Site: http://www.viva64.com/en/pvs-studio/
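
The safe form named in the warning, as an added example that is not code from TortoiseSVN or PVS-Studio. The helper names `format_name_safely` and `count_conversions` are hypothetical; the second counts how many arguments `printf` would try to read if the string were used as the format.

```cpp
#include <cstdio>
#include <cstring>
#include <string>

// Hardened form of the flagged call: the untrusted name is passed as data
// for a fixed "%s" format, so '%' characters in it are copied literally.
// Names longer than 255 bytes are truncated by the fixed buffer.
std::string format_name_safely(const std::string& name) {
    char buf[256];
    std::snprintf(buf, sizeof buf, "%s", name.c_str());
    return std::string(buf);
}

// Counts the conversion specifications printf would try to consume if `s`
// were used as the format string. "%%" is a literal percent and not counted.
// Simplified scan: flags, width, precision and length modifiers are skipped.
int count_conversions(const std::string& s) {
    int n = 0;
    for (std::size_t i = 0; i < s.size(); ++i) {
        if (s[i] != '%') continue;
        ++i;
        if (i < s.size() && s[i] == '%') continue;  // escaped percent
        while (i < s.size() && s[i] != '\0' &&
               std::strchr("-+ #0123456789.*hlLjzt", s[i])) ++i;
        if (i < s.size()) ++n;                       // conversion character
    }
    return n;
}

int main() {
    const std::string name = "file%s%i%s.txt";  // file name from the page
    // printf(name.c_str());  // flagged pattern: 3 conversions, 0 arguments
    std::printf("%s -> %d conversions\n",
                format_name_safely(name).c_str(), count_conversions(name));
    return 0;
}
```

Compiling with `-Wformat-security` (GCC and Clang) reports the flagged pattern at build time.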