[PATCH 18/20] monitor/mon-prmisc.c: Use puts() not fprintf()

Joel Sherrill joel.sherrill at oarcorp.com
Tue Nov 25 23:02:46 UTC 2014


From: Josh Oguin <josh.oguin at oarcorp.com>

CodeSonar flagged this as a case where the user could inject a format
string and cause issues. Since we were not printing anything but a
string, just switching to puts() rather than fprintf(stdout,...) was
sufficient to make this code safer.
---
 cpukit/libmisc/monitor/mon-prmisc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpukit/libmisc/monitor/mon-prmisc.c b/cpukit/libmisc/monitor/mon-prmisc.c
index b22ae55..8607974 100644
--- a/cpukit/libmisc/monitor/mon-prmisc.c
+++ b/cpukit/libmisc/monitor/mon-prmisc.c
@@ -103,7 +103,7 @@ rtems_monitor_dump_name(rtems_id id)
 
     rtems_object_get_name( id, sizeof(name_buffer), name_buffer );
 
-    return fprintf( stdout, name_buffer );
+    return puts( name_buffer );
 }
 
 int
-- 
1.9.3




More information about the devel mailing list