Suppress 'tainted string passed to vulnerable operation' false defects

* include/private/gc_priv.h (TRUSTED_STRING): New tagging macro; add comment. * misc.c (GC_init): Process the result of GETENV("GC_LOG_FILE") by TRUSTED_STRING. * tools/if_mach.c (main): Process argv[3] by TRUSTED_STRING (before passing the string to execvp). * tools/if_not_there.c (main): Declare "fname" local variable; process argv[1] and argv[2] by TRUSTED_STRING (before passing the strings to fopen/opendir and execvp, respectively).
author: Ivan Maidanski <ivmai@mail.ru> 2016-11-15 10:48:31 +0300
committer: Ivan Maidanski <ivmai@mail.ru> 2016-11-15 10:48:31 +0300
commit: f9948563d80a4b9da069b10eac46852763aacaec (patch)
tree: 1e611ca9640f43e1b56d1333b3bac9eeae3fde40 /misc.c
parent: 8946b1289b4ab976588274fb850e0afa1626b678 (diff)
download: bdwgc-f9948563d80a4b9da069b10eac46852763aacaec.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/misc.c b/misc.c
index 5761ab52..43f0d735 100644
--- a/misc.c
+++ b/misc.c
@@ -969,7 +969,7 @@ GC_API void GC_CALL GC_init(void)
 #     if (defined(UNIX_LIKE) && !defined(GC_ANDROID_LOG)) \
          || defined(CYGWIN32) || defined(SYMBIAN)
         {
-          char * file_name = GETENV("GC_LOG_FILE");
+          char * file_name = TRUSTED_STRING(GETENV("GC_LOG_FILE"));
 #         ifdef GC_LOG_TO_FILE_ALWAYS
             if (NULL == file_name)
               file_name = GC_LOG_STD_NAME;
author	Ivan Maidanski <ivmai@mail.ru>	2016-11-15 10:48:31 +0300
committer	Ivan Maidanski <ivmai@mail.ru>	2016-11-15 10:48:31 +0300
commit	f9948563d80a4b9da069b10eac46852763aacaec (patch)
tree	1e611ca9640f43e1b56d1333b3bac9eeae3fde40 /misc.c
parent	8946b1289b4ab976588274fb850e0afa1626b678 (diff)
download	bdwgc-f9948563d80a4b9da069b10eac46852763aacaec.tar.gz