Revision as of 21:40, 21 August 2019 edit Matthiaspaul (talk \| contribs) Autopatrolled, Extended confirmed users, Page movers, New page reviewers, Pending changes reviewers, Rollbackers, Template editors 138,135 edits →See also: -desc ← Previous edit		Revision as of 20:12, 12 September 2019 edit undo 2620:0:e50:3030:d4ce:2840:bb66:d15d (talk) →Details: Capitalized 'perl' Next edit →
Line 11: Format bugs arise because C's argument passing conventions are not [[Type safety\|type-safe]]. In particular, the <code>[[vararg]]s</code> mechanism allows [[subprogram\|function]]s to accept any number of arguments (e.g. <code>printf</code>) by "popping" as many [[argument]]s off the [[call stack]] as they wish, trusting the early arguments to indicate how many additional arguments are to be popped, and of what types. Format string bugs can occur in other programming languages besides C, such as ~~perl~~Perl, although they appear with less frequency and usually cannot be exploited to execute code of the attacker's choice.<ref name="bugtrag_perl"/> == History ==

Uncontrolled format string: Difference between revisions