Re: Class name as NSString and problem with NSLog?
Re: Class name as NSString and problem with NSLog?
- Subject: Re: Class name as NSString and problem with NSLog?
- From: Sean McBride <email@hidden>
- Date: Wed, 19 Mar 2014 17:13:08 -0400
- Organization: Rogue Research Inc.
On Thu, 6 Mar 2014 15:47:08 -0800, Greg Parker said:
>>> I remember the “Month Of Apple Bugs”** that a hacker group ran in 2007,
>>> where they published a new app or OS security vulnerability every day
>>> for month. A lot of them were caused by format-string vulnerabilities.
>>> Soon thereafter the compiler team at Apple added that format-string
>>> security warning :)
>>
>> Though it still doesn't work for NSPredicate APIs:, all these years
>later, ex:
>>
>> -----------------------
>> #import <Foundation/Foundation.h>
>>
>> int main (void)
>> {
>> NSPredicate* predicate = [NSPredicate predicateWithFormat:@"foo == %d"];
>>
>> return !!predicate;
>> }
>> -----------------------
>>
>> "clang -Weverything -fsyntax-only ~/test.m" gives nothing!
>>
>> <rdar://10699748> Dupes welcome. :)
>
>The problem is that +predicateWithFormat: accepts conversions that are
>not part of NSString's format string syntax. Adding format string
>warnings for new format string syntaxes requires compiler changes.
Incase anyone wants to cc themselves, I created this bug:
<http://llvm.org/bugs/show_bug.cgi?id=19200>
Cheers,
--
____________________________________________________________
Sean McBride, B. Eng email@hidden
Rogue Research www.rogue-research.com
Mac Software Developer Montréal, Québec, Canada
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden