taint.c-explain.html from CQual at Krugle
<html>
<body bgcolor="white">
<h2>Tainting: Small Example</h2>
<p>
The lower left pane contains the original program, and the lower right
pane contains the program with qualifier annotations.
<p>
In this example, the call to <tt>getenv</tt> returns the value of
environment variable <tt>LD_LIBRARY_PATH</tt>, which may be controlled
by a malicious adversary. The result of <tt>getenv</tt> is stored
first in <tt>s</tt>, then in <tt>t</tt>, and is then passed as the
format-string argument to <tt>printf</tt>. Because <tt>printf</tt>
interprets any conversion directives in that string, this
program has a potential format-string vulnerability.
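<p>
The flow described above, as an added example that is not the original
<tt>taint.c</tt> or any code from the CQual project: the tainted value reaches
the format parameter in one function and is confined to a data argument in the
hardened one. The function names, the use of <tt>snprintf</tt> in place of
<tt>printf</tt> (so the output can be compared) and the sample value are
assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable flow: s (from getenv) -> t -> format argument.
 * In CQual's taint analysis the getenv result is $tainted and the
 * format parameter must be $untainted, so this flow is reported.
 * snprintf stands in for printf so the result can be inspected. */
int render_unsafe(char *out, size_t n, const char *s)
{
    const char *t = s;               /* taint propagates through the copy */
    return snprintf(out, n, t);      /* tainted data interpreted as format */
}

/* Hardened form: the format is a constant, the tainted value is only
 * ever a data argument, so no directive inside it is interpreted. */
int render_safe(char *out, size_t n, const char *s)
{
    const char *t = s;
    return snprintf(out, n, "%s", t);
}

int main(void)
{
    char a[64], b[64];
    const char *s = getenv("LD_LIBRARY_PATH");   /* tainted source */

    /* Constructed fallback value. "%%" is a directive that consumes no
     * argument, so it shows interpretation without undefined behaviour. */
    if (s == NULL || strchr(s, '%') != NULL)
        s = "/opt/lib%%32";

    render_unsafe(a, sizeof a, s);
    render_safe(b, sizeof b, s);
    printf("as format: %s\nas data:   %s\n", a, b);
    return 0;
}
```

GCC and Clang report the call in <tt>render_unsafe</tt> under
<tt>-Wformat-security</tt>, which catches the same pattern when the format is
not a literal and no arguments follow it.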
</body>
</html>