Hi, I work in information flow analysis of programs and my analysis gave a possible warning with respect to format string vulnerability in csplit (Version 8.17).
In csplit, there is a global variable called "suffix" which is initialized through a command line argument in function main *suffix = optarg* Next, this variable is used as a format argument in a sprintf call in function make_filename. *sprintf (filename_space + strlen (prefix), suffix, num)* Our analysis flagged this behavior. However, we are not sure whether Coreutil developers are aware of this behaviour. This might very well be a false positive. We just wanted to confirm our analysis. Any response in this regard will be appreciated. Thanks Regards, Kapil
