search

jmakhack / myanimelist-cli

Minimalistic command line interface for fetching user anime data from MyAnimeList.
https://aur.archlinux.org/packages/mya-git
MIT License
11 stars 15 forks source link

[TASK] Fix potential security problem in sprintf call #57

Closed jmakhack closed 2 years ago

jmakhack commented 2 years ago

Task Context

The following Codacy link contains the description of the potential security issue:

https://app.codacy.com/gh/jmakhack/myanimelist-cli/issues?bid=22863233&filters=W3siaWQiOiJMYW5ndWFnZSIsInZhbHVlcyI6W119LHsiaWQiOiJDYXRlZ29yeSIsInZhbHVlcyI6WyJTZWN1cml0eSJdfSx7ImlkIjoiTGV2ZWwiLCJ2YWx1ZXMiOltdfSx7ImlkIjoiUGF0dGVybiIsInZhbHVlcyI6WyI2NTAzIl19LHsiaWQiOiJBdXRob3IiLCJ2YWx1ZXMiOltdfV0=

Acceptance Criteria

The acceptance criteria for this task is to adjust the code to fix the potential security issue with the sprintf call.

Additional Context

For more info about CWE-120: https://cwe.mitre.org/data/definitions/120.html

For any questions or discussions, join the Discord to meet and engage with other contributors!

Discord

sameersecond commented 2 years ago

Hi, Can I work on this issue?

jmakhack commented 2 years ago

go for it @sameersecond! :)

sameersecond commented 2 years ago

I think Ahmed has already made the changes in #59.