Tainted string in C
Question
I'm running the Coverity tool on my file operation function and getting the following error.
As you can see below, I'm using snprintf() before passing the variable in question to the line number shown in the error message. I guess that some sanitization of the string has to be done as part of that snprintf(). But the warning is still shown.
Error:TAINTED_STRING (TAINTED string "fn" was passed to a tainted string sink content.) [coverity]
    #include <stdio.h>   /* snprintf, fopen */
    #include <stdlib.h>  /* getenv, atoi */
    #include <string.h>  /* memset */

    /* LOG_FILE is a printf-style format with one %d, defined elsewhere in the program (not shown). */

    char fn[100];
    int id = 0;
    FILE *log_fp;
    char *id_str = getenv("ID");       /* environment input: treated as tainted by the tool */
    if (id_str) {
        id = atoi(id_str);
    }
    memset(fn, '\0', sizeof(fn));
    snprintf(fn, 100, LOG_FILE, id);   /* snprintf always NUL-terminates, so the check below never fires */
    if (fn[100-1] != '\0') {
        fn[100-1] = '\0';
    }
    log_fp = fopen(fn, "a");           /* the tainted string sink reported in the error */
Any help would be highly appreciated.
Answer
Try the following:
    #include <stdlib.h>  /* getenv, atoi, free */
    #include <string.h>  /* strdup */

    int id = 0;
    char *id_str = getenv("ID");
    if (id_str) {
        id_str = strdup(id_str);   /* copy the environment value into a heap buffer */
        if (id_str) {              /* strdup can fail; atoi(NULL) is undefined */
            id = atoi(id_str);
            free(id_str);
        }
    }
The fn string passed to fopen is tainted by an environment variable. Using strdup may act as "sanitizing".