...
```java
import java.util.Calendar;
import java.util.GregorianCalendar;

class Format {
  static Calendar c = new GregorianCalendar(1995, GregorianCalendar.MAY, 23);

  public static void main(String[] args) {
    // args[0] is the credit card expiration date supplied by the user
    // args[0] can contain %1$tm, %1$te or %1$tY as malicious input;
    // the first prints 05 (May), the second 23 (day) and the third 1995 (year)
    // Perform the comparison with c; if it doesn't match, print the following line
    // Vulnerable: args[0] is concatenated into the format string, so the
    // conversions it contains are interpreted against c
    System.out.printf(args[0] +
        " did not match! HINT: It was issued on %1$terd of some month", c);
  }
}
```
...
```java
import java.util.Calendar;
import java.util.GregorianCalendar;

class Format {
  static Calendar c =
      new GregorianCalendar(1995, GregorianCalendar.MAY, 23);

  public static void main(String[] args) {
    // args[0] is the credit card expiration date supplied by the user
    // Perform the comparison with c; if it doesn't match, print the following line
    // The format string is a constant; args[0] is passed as an argument, so any
    // conversion specifiers it contains are printed literally, not interpreted.
    // %s consumes args[0] and %te (ordinary index 2) consumes c.
    System.out.format(
        "%s did not match! HINT: It was issued on %terd of some month",
        args[0], c
    );
  }
}
```
Risk Assessment
Allowing user input to taint a format string may cause information leaks (conversions in the input are evaluated against the real arguments, so an attacker can read fields of objects they were never meant to see) or denial of service (a malformed or mismatched specifier such as `%q` or `%2$s` makes `Formatter` throw an `IllegalFormatException` subclass, e.g. `UnknownFormatConversionException` or `MissingFormatArgumentException`, which terminates the request if uncaught).
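The following is an added, self-contained demonstration (not code from the CERT page) of both outcomes named above. It runs the vulnerable and hardened forms of the check side by side against a few constructed probe strings: a legitimate date, several `%1$t…` conversions that read the `Calendar`, and two malformed specifiers that make `Formatter` throw. The class and method names `FormatStringDemo`, `vulnerable` and `hardened` are this example's own; the `ISSUED` date mirrors the `c` field used on the page.

```java
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.IllegalFormatException;

public class FormatStringDemo {
    // Same issue date as the page's Calendar c (example's own field name).
    static final Calendar ISSUED = new GregorianCalendar(1995, Calendar.MAY, 23);

    // Vulnerable form: user input becomes part of the format string, so any
    // %1$t... conversion in it is evaluated against ISSUED.
    static String vulnerable(String userInput) {
        return String.format(
            userInput + " did not match! HINT: It was issued on %1$terd of some month",
            ISSUED);
    }

    // Hardened form: the format string is a compile-time constant and the user
    // input is an ordinary argument. %s consumes userInput, %te consumes ISSUED.
    static String hardened(String userInput) {
        return String.format(
            "%s did not match! HINT: It was issued on %terd of some month",
            userInput, ISSUED);
    }

    // Runs one form and reports either its output or the exception it threw,
    // so a malformed probe cannot abort the whole demonstration.
    static String run(String label, java.util.function.Function<String, String> f, String probe) {
        try {
            return label + ": " + f.apply(probe);
        } catch (IllegalFormatException e) {
            // Covers UnknownFormatConversionException, MissingFormatArgumentException, etc.
            return label + ": threw " + e.getClass().getSimpleName() + " (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        // Constructed probes: one benign value, then attacker-shaped inputs.
        String[] probes = {
            "12/2030",        // legitimate expiration date, behaves the same in both forms
            "%1$tm/%1$tY",    // leaks month/year of ISSUED in the vulnerable form
            "%1$tF",          // leaks the full ISO date (1995-05-23)
            "%2$s",           // no second argument: MissingFormatArgumentException
            "%q"              // not a conversion: UnknownFormatConversionException
        };
        for (String p : probes) {
            System.out.println("input: " + p);
            System.out.println("  " + run("vulnerable", FormatStringDemo::vulnerable, p));
            System.out.println("  " + run("hardened  ", FormatStringDemo::hardened, p));
        }
    }
}
```

In the vulnerable path the second and third probes print `05/1995` and `1995-05-23` in place of the user's "date", and the last two probes throw before anything is printed; in the hardened path every probe is echoed back verbatim as the `%s` argument and no exception is raised. Catching `IllegalFormatException` is shown only to keep the demonstration running; the actual fix is keeping untrusted data out of the format string, as the compliant solution above does.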
...