Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re^3: Uncontrolled Format String - Checkmarx issue

by Corion (Patriarch)
on Dec 28, 2022 at 12:00 UTC ( #11149155=note: print w/replies, xml ) Need Help??


in reply to Re^2: Uncontrolled Format String - Checkmarx issue
in thread Uncontrolled Format String - Checkmarx issue

Maybe now is a good time to take a step back and look at what you are trying to do here.

You are asking us about errors that a tool by some other vendor raises. We are not that vendor nor do we have more access than you to the vendor.

Maybe you can talk to the vendor about the documentation of their error message and the description what code causes the error to be raised.

Once you understand what in the code causes the Checkmarx error to be raised with your code, you can ask how to best rewrite your code so it avoids the issue.

  • Comment on Re^3: Uncontrolled Format String - Checkmarx issue

Replies are listed 'Best First'.
Re^4: Uncontrolled Format String - Checkmarx issue
by Rishi2Monk (Novice) on Dec 28, 2022 at 12:24 UTC

    There is no document available from the tool or vendor, hence I tried to seek some help from someone else. I thought there may be someone who might have faced earlier with this kind of issues and solved, can help me instead of experts exploring the root cause

[reply]

      "There is no document available from the tool or vendor."

      This seems highly unlikely, both from the perspective that vendors tend not to sell software products with no documentation, and secondly a cursory web search returned results.

[reply]

      Wikipedia has Uncontrolled Format String, maybe that helps you understand what the error message by Checkmarx wants to say.

      I find it mildly surprising that your employer buys a tool without a contract on the vendor explaining how their tool arrives at a problem.

      Looking at your format string, maybe the tool has a problem with the double %% sequence. Consider replacing it by maybe \%\% or maybe concatenate the percent sign after building the printf string.

[reply]
[d/l]
[select]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://11149155]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (5)
As of 2023-10-01 16:14 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found
    Notices?