Re^4: Uncontrolled Format String

in reply to Re^3: Uncontrolled Format String - Checkmarx issue
in thread Uncontrolled Format String - Checkmarx issue

There is no document available from the tool or vendor, hence I tried to seek some help from someone else. I thought there may be someone who might have faced earlier with this kind of issues and solved, can help me instead of experts exploring the root cause

Comment on Re^4: Uncontrolled Format String - Checkmarx issue

Replies are listed 'Best First'.
Re^5: Uncontrolled Format String - Checkmarx issue by marto (Cardinal) on Dec 28, 2022 at 12:44 UTC
"There is no document available from the tool or vendor." This seems highly unlikely, both from the perspective that vendors tend not to sell software products with no documentation, and secondly a cursory web search returned results.	[reply]
Re^5: Uncontrolled Format String - Checkmarx issue by Corion (Patriarch) on Dec 28, 2022 at 12:39 UTC
Wikipedia has Uncontrolled Format String, maybe that helps you understand what the error message by Checkmarx wants to say. I find it mildly surprising that your employer buys a tool without a contract on the vendor explaining how their tool arrives at a problem. Looking at your format string, maybe the tool has a problem with the double `%%` sequence. Consider replacing it by maybe `\%\%` or maybe concatenate the percent sign after building the `printf` string.	[reply] [d/l] [select]

In Section Seekers of Perl Wisdom