| Summary: | format bug: sprintf() twice on top of each other | | |
|---|---|---|---|
| Product: | Tomcat Connectors | Reporter: | J <Joerg-Cyril.Hoehle> |
| Component: | Common | Assignee: | Tomcat Developers Mailing List <dev> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | oss-bugs |
| Priority: | P4 | | |
| Version: | unspecified | | |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | All | | |
Description
J
2005-11-01 17:50:59 UTC
Like you said: The good news is that it currently cannot be easily misused, because the function involved is so far only used with the format string "Memory Error" -- not a single "%" therein. However it's just sitting there, waiting to be put to other uses. So, we'll be paranoid if someone puts "%" instead of "Memory error". An additional safety net has been introduced; any remaining special formatting character gets replaced now. Will be part of 1.2.27.
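The double-formatting hazard and the safety net described in this report, as an added example in C that is not the Tomcat Connectors code: a message is expanded once, then any "%" left in the result is replaced before a second printf-style function could treat it as a directive. The function names, the `#` replacement character and the sample strings are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Safety net: replace every '%' left after the first expansion, so a
 * later printf-style pass finds no directive. '#' is an assumed choice. */
size_t neutralize_percent(char *s)
{
    size_t replaced = 0;
    for (; *s != '\0'; s++) {
        if (*s == '%') {
            *s = '#';
            replaced++;
        }
    }
    return replaced;
}

/* First pass: expand fmt into buf, then apply the safety net.
 * Returns how many '%' characters had to be neutralized. */
size_t build_message(char *buf, size_t len, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, len, fmt, ap);   /* always NUL-terminates when len > 0 */
    va_end(ap);
    return neutralize_percent(buf);
}

/* Second pass done the robust way: the finished message is passed as
 * data to a constant "%s" format, never as the format string itself. */
int log_message(char *out, size_t len, const char *msg)
{
    return snprintf(out, len, "%s", msg);
}

int main(void)
{
    char msg[64], line[64];
    /* Constructed input: an argument that itself contains '%'. */
    size_t n = build_message(msg, sizeof msg, "bad uri %s", "/a%sb%d");
    log_message(line, sizeof line, msg);
    printf("%zu replaced: %s\n", n, line);
    return 0;
}
```

The constant `"%s"` in `log_message` removes the second expansion altogether; the `%` replacement is a fallback for call sites where the logging API only accepts a format string.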