[Bug 528000] New: Tainted variables in sprintf format
bugzilla at redhat.com
bugzilla at redhat.com
Thu Oct 8 15:05:05 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Tainted variables in sprintf format
https://bugzilla.redhat.com/show_bug.cgi?id=528000
Summary: Tainted variables in sprintf format
Product: Fedora
Version: 10
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: low
Component: perl-Image-ExifTool
AssignedTo: tcallawa at redhat.com
ReportedBy: pm at datasphere.ch
QAContact: extras-qa at fedoraproject.org
CC: tcallawa at redhat.com, fedora-perl-devel-list at redhat.com
Classification: Fedora
Description of problem:
Some tainted variable(s) are used in sprintf statement(s) causing warnings when
calling program is executed with the -T option. In example:
Insecure dependency in sprintf while running with -T switch at
/usr/lib/perl5/vendor_perl/5.10.0/Image/ExifTool/Exif.pm line 2958
Version-Release number of selected component (if applicable):
perl-5.10.0-73.fc10.i386
perl-Image-Exiftool-7.67-1.fc10.noarch
How reproducible:
Always in 5.10.0, providing the sprintf statement is reached.
Steps to Reproduce:
I don't know how to force it: I discovered it while testing a spamassassin OCR
plugin.
Actual results:
See above
Expected results:
No warning
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-perl-devel-list
mailing list