Commit 99eda42

Fix format string vulnerability in using agerr() to report errors during parsing.
We now use a fixed format %s, and pass the error string as an argument.
1 parent faf196c commit 99eda42

1 file changed

+2
-1
lines changed

Diff for: lib/cgraph/scan.l

@@ -225,6 +225,7 @@ ID ({NAME}|{NUMBER})
225225
<hstring>([^><\n]*) addstr(yytext);
226226
. return (yytext[0]);
227227
%%
228+
228229
void yyerror(char *str)
229230
{
230231
unsigned char xbuf[BUFSIZ];
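Review bot: The blank line added after `%%` (new line 228) is a whitespace-only change unrelated to the agerr() fix. Consider dropping it from this commit so the security fix stays a one-line change that is easy to audit and to cherry-pick onto release branches.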
@@ -273,7 +274,7 @@ void yyerror(char *str)
273274
break;
274275
}
275276
agxbputc (&xb, '\n');
276-
agerr(AGERR,agxbuse(&xb));
277+
agerr(AGERR, "%s", agxbuse(&xb));
277278
agxbfree(&xb);
278279
}
279280
/* must be here to see flex's macro defns */
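Review bot: The change at new line 277 fixes only this one call in yyerror(); any other agerr() caller that passes a runtime-built string in the format position needs the same `"%s"` treatment, so the commit should either cover those call sites or note that they were audited. The old call `agerr(AGERR,agxbuse(&xb));` handed the assembled message to a printf-style formatter, so a `%` sequence in the message was interpreted as a conversion instead of being printed. To keep this from regressing, consider declaring agerr() with a printf format attribute (on GCC and Clang, `__attribute__((format(printf, 2, 3)))`) and building with -Wformat-security, which flags a non-literal format passed without arguments at compile time. A regression test whose error text contains a literal `%s` and checks that it is reported verbatim would pin the new behavior.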
