• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: warning at nslog
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: warning at nslog


  • Subject: Re: warning at nslog
  • From: Bill Bumgarner <email@hidden>
  • Date: Sun, 27 Sep 2009 14:36:25 -0700

On Sep 27, 2009, at 9:12 AM, Jos Timanta Tarigan wrote:
NSLog(absolutePath);

Others have replied w/an answer, but I wanted to pose a question...

What would happen if absolutePath just so happened to contain a %@ or %s in it somewhere?

Bad things, for sure.

The point of this is to encourage folks to consider a parameter not for the value you think it contains, but for the value it might contain...

Focusing on the former and not the latter is a great boon to those that exploit security holes. :)

b.bum

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

References: 
 >warning at nslog (From: Jos Timanta Tarigan <email@hidden>)

  • Prev by Date: Re: SnowLeopard:: change build settings to 32-bit
  • Next by Date: Re: warning at nslog
  • Previous by thread: Re: warning at nslog
  • Next by thread: Re: warning at nslog
  • Index(es):
    • Date
    • Thread