Ntn haqqer (talk | contribs) |
TimBentley (talk | contribs) m Corrected link to disambiguation page. (you can help!) |
Format string bugs most commonly appear when a programmer wishes to print a string containing user-supplied data. The programmer may mistakenly write <code>printf(buffer)</code> instead of <code>printf("%s", buffer)</code>. The first version interprets <code>buffer</code> as a format string, and parses any formatting instructions it may contain. The second version simply prints a string to the screen, as the programmer intended.
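The two calls side by side, as an added example that is not part of the original article: it uses <code>snprintf</code> in place of <code>printf</code> so the result can be compared, and the function names and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Mistaken form from the text: the untrusted string is used as the format
 * string, so any formatting instructions inside it are parsed.
 * GCC and Clang report this call with -Wformat-security. */
static int render_unsafe(char *out, size_t n, const char *user)
{
    return snprintf(out, n, user);
}

/* Intended form: the format is a constant, the untrusted string is data. */
static int render_safe(char *out, size_t n, const char *user)
{
    return snprintf(out, n, "%s", user);
}

/* Returns 1 when the two forms produce different text for the same input.
 * Only call this with input whose sole directive is "%%": any directive
 * that consumes an argument is undefined behaviour in render_unsafe,
 * because no argument was passed. */
static int format_was_interpreted(const char *user)
{
    char a[128], b[128];
    render_unsafe(a, sizeof a, user);
    render_safe(b, sizeof b, user);
    return strcmp(a, b) != 0;
}

int main(void)
{
    /* Constructed sample input: ten characters, containing "%%". */
    const char *input = "100%% done";
    char a[64], b[64];

    render_unsafe(a, sizeof a, input); /* "%%" is parsed and collapses to "%" */
    render_safe(b, sizeof b, input);   /* copied verbatim */
    printf("as format string: [%s]\nas data:          [%s]\n", a, b);
    printf("interpreted: %d\n", format_was_interpreted(input));
    return 0;
}
```

The sample input is limited to <code>%%</code> because that is the only directive that takes no argument, which keeps the mistaken call well defined while still showing that the string was parsed.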
Format bugs arise because C's argument passing conventions are [[Type safety|type-unsafe]]. In particular, the <code>varargs</code> mechanism allows [[Subprogram|functions]] to accept any number of arguments (e.g. <code>printf</code>) by "popping" as many [[Argument|arguments]] off the
==See also==