Revision as of 12:21, 17 March 2004 edit Pfortuny (talk \| contribs) 1,764 edits m [arguments] ← Previous edit		Revision as of 14:48, 17 March 2004 edit undo Jeeves (talk \| contribs) 609 edits m fixups Next edit →
Line 3: This is a common vulnerability due to the fact that format bugs were previously thought harmless and resulted in vulnerabilites in many common tools. [http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=format+string MITRE's CVE project] list roughly 150 vulnerable programs. Format bugs ~~are~~arise because C's argument passing conventions are type-unsafe. In particular, the <code>varargs</code> mechanism allows [[Subprogram\|functions]] to accept any number of arguments (e.g. <code>printf</code>) by "popping" as many [[Argument\|arguments]] off the call [[Stack_(computing)\|stack]] as they wish, trusting the early arguments to indicate how many additional arguments are to be popped, and of what ~~type~~types. ===See Also===

Uncontrolled format string: Difference between revisions