Revision as of 03:44, 7 April 2006 edit Kimos (talk \| contribs) 65 edits →External links ← Previous edit		Revision as of 22:57, 20 April 2006 edit undo 192.92.62.147 (talk) Rewording for clarity: "type-unsafe" to "not type-safe" Next edit →
Line 5: Format string bugs most commonly appear when a programmer wishes to print a string containing user supplied data. The programmer may mistakenly write <code>printf(buffer)</code> instead of <code>printf("%s", buffer)</code>. The first version interprets <code>buffer</code> as a format string, and parses any formatting instructions it may contain. The second version simply prints a string to the screen, as the programmer intended. Format bugs arise because C's argument passing conventions are not [[Type safety\|type-~~unsafe~~safe]]. In particular, the <code>varargs</code> mechanism allows [[Subprogram\|functions]] to accept any number of arguments (e.g. <code>printf</code>) by "popping" as many [[Argument\|arguments]] off the [[call stack]] as they wish, trusting the early arguments to indicate how many additional arguments are to be popped, and of what types. ==See also==

Uncontrolled format string: Difference between revisions